From 3f089cc74c83dbc3be5250368f2a830df1b800ba Mon Sep 17 00:00:00 2001 From: Caleb Washburn Date: Mon, 6 Nov 2023 12:01:05 -0600 Subject: [PATCH] refactor user role functions to use v3 --- commands/apply.go | 9 +- commands/assign_default_security_groups.go | 2 +- commands/cleanup_org_users.go | 2 +- commands/create_orgs.go | 2 +- commands/create_private_domains.go | 2 +- commands/create_security_groups.go | 2 +- commands/create_space_security_groups.go | 2 +- commands/create_spaces.go | 2 +- commands/delete_orgs.go | 2 +- commands/delete_spaces.go | 2 +- commands/export_config.go | 1 + commands/export_service_access_config.go | 2 +- commands/initialize.go | 27 +- commands/isolation_segments.go | 2 +- commands/service_access.go | 2 +- commands/share_private_domains.go | 2 +- commands/shared_domains.go | 2 +- commands/update_org_quota.go | 2 +- commands/update_org_users.go | 13 +- commands/update_orgs_metadata.go | 2 +- commands/update_space_quota.go | 2 +- commands/update_space_users.go | 13 +- commands/update_spaces.go | 2 +- commands/update_spaces_metadata.go | 2 +- export/exportconfig.go | 26 +- role/definition.go | 7 + role/fakes/fake_cf_job_client.go | 117 ++ role/fakes/fake_cf_role_client.go | 372 +++++ role/fakes/fake_cf_user_client.go | 202 +++ role/fakes/fake_manager.go | 1543 ++++++++++++++++++++ role/manager.go | 372 +++++ role/manager_org.go | 141 ++ role/manager_org_test.go | 308 ++++ role/manager_space.go | 193 +++ role/manager_space_test.go | 367 +++++ role/manager_test.go | 63 + {user => role}/role_users.go | 81 +- role/suite_test.go | 16 + role/types.go | 59 + user/cleanup_users.go | 68 +- user/fakes/fake_cf_client.go | 822 ----------- user/fakes/fake_mgr.go | 331 ----- user/ldap_users.go | 5 +- user/ldap_users_test.go | 117 +- user/role_users_test.go | 92 -- user/saml_users.go | 5 +- user/saml_users_test.go | 67 +- user/timings.go | 134 -- user/types.go | 37 - user/users.go | 559 +------ user/users_input.go | 27 +- user/users_test.go | 613 +------- 52 files changed, 4092 insertions(+), 2753 deletions(-) create mode 100644 role/definition.go create mode 100644 role/fakes/fake_cf_job_client.go create mode 100644 role/fakes/fake_cf_role_client.go create mode 100644 role/fakes/fake_cf_user_client.go create mode 100644 role/fakes/fake_manager.go create mode 100644 role/manager.go create mode 100644 role/manager_org.go create mode 100644 role/manager_org_test.go create mode 100644 role/manager_space.go create mode 100644 role/manager_space_test.go create mode 100644 role/manager_test.go rename {user => role}/role_users.go (52%) create mode 100644 role/suite_test.go create mode 100644 role/types.go delete mode 100644 user/fakes/fake_cf_client.go delete mode 100644 user/role_users_test.go delete mode 100644 user/timings.go diff --git a/commands/apply.go b/commands/apply.go index 29e9492a..16335281 100644 --- a/commands/apply.go +++ b/commands/apply.go @@ -14,13 +14,16 @@ type ApplyCommand struct { func (c *ApplyCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err != nil { + ldapMgr, err := InitializeLdapManager(c.BaseCFConfigCommand, c.BaseLDAPCommand) + if err != nil { return err } - if err = cfMgmt.UserManager.InitializeLdap(c.LdapUser, c.LdapPassword, c.LdapServer); err != nil { + if ldapMgr != nil { + defer ldapMgr.Close() + } + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, ldapMgr); err != nil { return err } - defer cfMgmt.UserManager.DeinitializeLdap() fmt.Println("********* Creating Orgs") if err = cfMgmt.OrgManager.CreateOrgs(); err != nil { return err diff --git a/commands/assign_default_security_groups.go b/commands/assign_default_security_groups.go index 883b0fd9..a96415f0 100644 --- a/commands/assign_default_security_groups.go +++ b/commands/assign_default_security_groups.go @@ -9,7 +9,7 @@ type AssignDefaultSecurityGroups struct { func (c *AssignDefaultSecurityGroups) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SecurityGroupManager.AssignDefaultSecurityGroups() } return err diff --git a/commands/cleanup_org_users.go b/commands/cleanup_org_users.go index 711fca0d..ff9dec09 100644 --- a/commands/cleanup_org_users.go +++ b/commands/cleanup_org_users.go @@ -9,7 +9,7 @@ type CleanupOrgUsersCommand struct { // Execute - removes org users func (c *CleanupOrgUsersCommand) Execute([]string) error { - if cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { errs := cfMgmt.UserManager.CleanupOrgUsers() if len(errs) > 0 { return fmt.Errorf("got errors processing cleanup users %v", errs) diff --git a/commands/create_orgs.go b/commands/create_orgs.go index b658f97b..8901925c 100644 --- a/commands/create_orgs.go +++ b/commands/create_orgs.go @@ -9,7 +9,7 @@ type CreateOrgsCommand struct { func (c *CreateOrgsCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.OrgManager.CreateOrgs() } return err diff --git a/commands/create_private_domains.go b/commands/create_private_domains.go index e4f20de3..9e78d076 100644 --- a/commands/create_private_domains.go +++ b/commands/create_private_domains.go @@ -9,7 +9,7 @@ type CreatePrivateDomainsCommand struct { func (c *CreatePrivateDomainsCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.PrivateDomainManager.CreatePrivateDomains() } return err diff --git a/commands/create_security_groups.go b/commands/create_security_groups.go index 1b1dbafe..6581252d 100644 --- a/commands/create_security_groups.go +++ b/commands/create_security_groups.go @@ -9,7 +9,7 @@ type CreateSecurityGroupsCommand struct { func (c *CreateSecurityGroupsCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SecurityGroupManager.CreateGlobalSecurityGroups() } return err diff --git a/commands/create_space_security_groups.go b/commands/create_space_security_groups.go index 0136edd7..7b8f94fa 100644 --- a/commands/create_space_security_groups.go +++ b/commands/create_space_security_groups.go @@ -9,7 +9,7 @@ type CreateSpaceSecurityGroupsCommand struct { func (c *CreateSpaceSecurityGroupsCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SecurityGroupManager.CreateApplicationSecurityGroups() } return err diff --git a/commands/create_spaces.go b/commands/create_spaces.go index 6bc0cf33..23e52fb0 100644 --- a/commands/create_spaces.go +++ b/commands/create_spaces.go @@ -9,7 +9,7 @@ type CreateSpacesCommand struct { func (c *CreateSpacesCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SpaceManager.CreateSpaces() } return err diff --git a/commands/delete_orgs.go b/commands/delete_orgs.go index 88d30a30..a93d846c 100644 --- a/commands/delete_orgs.go +++ b/commands/delete_orgs.go @@ -9,7 +9,7 @@ type DeleteOrgsCommand struct { func (c *DeleteOrgsCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.OrgManager.DeleteOrgs() } return err diff --git a/commands/delete_spaces.go b/commands/delete_spaces.go index 107a8a1f..fad98427 100644 --- a/commands/delete_spaces.go +++ b/commands/delete_spaces.go @@ -9,7 +9,7 @@ type DeleteSpacesCommand struct { func (c *DeleteSpacesCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SpaceManager.DeleteSpaces() } return err diff --git a/commands/export_config.go b/commands/export_config.go index 75d13f56..09dcf306 100644 --- a/commands/export_config.go +++ b/commands/export_config.go @@ -31,6 +31,7 @@ func (c *ExportConfigurationCommand) Execute([]string) error { cfMgmt.SharedDomainManager, cfMgmt.ServiceAccessManager, cfMgmt.QuotaManager, + cfMgmt.RoleManager, ) exportManager.SkipRoutingGroups = c.SkipRoutingGroups excludedOrgs := make(map[string]string) diff --git a/commands/export_service_access_config.go b/commands/export_service_access_config.go index 78b2426c..50cc4319 100644 --- a/commands/export_service_access_config.go +++ b/commands/export_service_access_config.go @@ -23,7 +23,7 @@ func (c *ExportServiceAccessCommand) Execute([]string) error { cfMgmt.PrivateDomainManager, cfMgmt.SharedDomainManager, cfMgmt.ServiceAccessManager, - cfMgmt.QuotaManager) + cfMgmt.QuotaManager, cfMgmt.RoleManager) return exportManager.ExportServiceAccess() } diff --git a/commands/initialize.go b/commands/initialize.go index 520a1579..b3b93bab 100644 --- a/commands/initialize.go +++ b/commands/initialize.go @@ -12,10 +12,12 @@ import ( "github.com/vmwarepivotallabs/cf-mgmt/config" "github.com/vmwarepivotallabs/cf-mgmt/configcommands" "github.com/vmwarepivotallabs/cf-mgmt/isosegment" + "github.com/vmwarepivotallabs/cf-mgmt/ldap" "github.com/vmwarepivotallabs/cf-mgmt/organization" "github.com/vmwarepivotallabs/cf-mgmt/organizationreader" "github.com/vmwarepivotallabs/cf-mgmt/privatedomain" "github.com/vmwarepivotallabs/cf-mgmt/quota" + "github.com/vmwarepivotallabs/cf-mgmt/role" "github.com/vmwarepivotallabs/cf-mgmt/securitygroup" "github.com/vmwarepivotallabs/cf-mgmt/serviceaccess" "github.com/vmwarepivotallabs/cf-mgmt/shareddomain" @@ -40,6 +42,7 @@ type CFMgmt struct { IsolationSegmentManager isosegment.Manager ServiceAccessManager *serviceaccess.Manager SharedDomainManager *shareddomain.Manager + RoleManager role.Manager } type Initialize struct { @@ -48,10 +51,26 @@ type Initialize struct { } func InitializeManagers(baseCommand BaseCFConfigCommand) (*CFMgmt, error) { - return InitializePeekManagers(baseCommand, false) + return InitializePeekManagers(baseCommand, false, nil) } -func InitializePeekManagers(baseCommand BaseCFConfigCommand, peek bool) (*CFMgmt, error) { +func InitializeLdapManager(baseCommand BaseCFConfigCommand, ldapCommand BaseLDAPCommand) (*ldap.Manager, error) { + cfg := config.NewManager(baseCommand.ConfigDirectory) + ldapConfig, err := cfg.LdapConfig(ldapCommand.LdapUser, ldapCommand.LdapPassword, ldapCommand.LdapServer) + if err != nil { + return nil, err + } + if ldapConfig.Enabled { + ldapMgr, err := ldap.NewManager(ldapConfig) + if err != nil { + return nil, err + } + return ldapMgr, nil + } + return nil, nil +} + +func InitializePeekManagers(baseCommand BaseCFConfigCommand, peek bool, ldapMgr *ldap.Manager) (*CFMgmt, error) { lo.G.Debugf("Using %s of cf-mgmt", configcommands.GetFormattedVersion()) if baseCommand.SystemDomain == "" || baseCommand.UserID == "" || @@ -118,7 +137,9 @@ func InitializePeekManagers(baseCommand BaseCFConfigCommand, peek bool) (*CFMgmt cfMgmt.OrgReader = organizationreader.NewReader(client, v3client.Organizations, cfg, peek) cfMgmt.SpaceManager = space.NewManager(v3client.Spaces, v3client.SpaceFeatures, cfMgmt.UAAManager, cfMgmt.OrgReader, cfg, peek) cfMgmt.OrgManager = organization.NewManager(v3client.Organizations, cfMgmt.OrgReader, cfg, peek) - userManager, err := user.NewManager(client, cfg, cfMgmt.SpaceManager, cfMgmt.OrgReader, cfMgmt.UAAManager, peek) + cfMgmt.RoleManager = role.New(v3client.Roles, v3client.Users, v3client.Jobs, uaaMgr, peek) + + userManager, err := user.NewManager(cfg, cfMgmt.SpaceManager, cfMgmt.OrgReader, cfMgmt.UAAManager, cfMgmt.RoleManager, ldapMgr, peek) if err != nil { return nil, err } diff --git a/commands/isolation_segments.go b/commands/isolation_segments.go index fb7027e8..377cc5b2 100644 --- a/commands/isolation_segments.go +++ b/commands/isolation_segments.go @@ -7,7 +7,7 @@ type IsolationSegmentsCommand struct { // Execute - updates spaces func (c *IsolationSegmentsCommand) Execute([]string) error { - cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek) + cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil) if err != nil { return err } diff --git a/commands/service_access.go b/commands/service_access.go index 51edf938..095b9227 100644 --- a/commands/service_access.go +++ b/commands/service_access.go @@ -9,7 +9,7 @@ type ServiceAccessCommand struct { func (c *ServiceAccessCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.ServiceAccessManager.Apply() } return err diff --git a/commands/share_private_domains.go b/commands/share_private_domains.go index f5fc6a63..0edace85 100644 --- a/commands/share_private_domains.go +++ b/commands/share_private_domains.go @@ -9,7 +9,7 @@ type SharePrivateDomainsCommand struct { func (c *SharePrivateDomainsCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.PrivateDomainManager.SharePrivateDomains() } return err diff --git a/commands/shared_domains.go b/commands/shared_domains.go index cf8207d5..5802a7c2 100644 --- a/commands/shared_domains.go +++ b/commands/shared_domains.go @@ -9,7 +9,7 @@ type SharedDomainsCommand struct { func (c *SharedDomainsCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SharedDomainManager.Apply() } return err diff --git a/commands/update_org_quota.go b/commands/update_org_quota.go index ff22921f..84aa74bc 100644 --- a/commands/update_org_quota.go +++ b/commands/update_org_quota.go @@ -9,7 +9,7 @@ type UpdateOrgQuotasCommand struct { func (c *UpdateOrgQuotasCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.QuotaManager.CreateOrgQuotas() } return err diff --git a/commands/update_org_users.go b/commands/update_org_users.go index 46c28909..c24f410c 100644 --- a/commands/update_org_users.go +++ b/commands/update_org_users.go @@ -10,11 +10,14 @@ type UpdateOrgUsersCommand struct { // Execute - updates orgs quotas func (c *UpdateOrgUsersCommand) Execute([]string) error { - if cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { - if err := cfMgmt.UserManager.InitializeLdap(c.LdapUser, c.LdapPassword, c.LdapServer); err != nil { - return err - } - defer cfMgmt.UserManager.DeinitializeLdap() + ldapMgr, err := InitializeLdapManager(c.BaseCFConfigCommand, c.BaseLDAPCommand) + if err != nil { + return err + } + if ldapMgr != nil { + defer ldapMgr.Close() + } + if cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, ldapMgr); err == nil { errs := cfMgmt.UserManager.UpdateOrgUsers() if len(errs) > 0 { return fmt.Errorf("got errors processing update org users %v", errs) diff --git a/commands/update_orgs_metadata.go b/commands/update_orgs_metadata.go index 19e8e582..04822a7b 100644 --- a/commands/update_orgs_metadata.go +++ b/commands/update_orgs_metadata.go @@ -9,7 +9,7 @@ type UpdateOrgsMetadataCommand struct { func (c *UpdateOrgsMetadataCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.OrgManager.UpdateOrgsMetadata() } return err diff --git a/commands/update_space_quota.go b/commands/update_space_quota.go index b107cf69..ed1b7aaf 100644 --- a/commands/update_space_quota.go +++ b/commands/update_space_quota.go @@ -9,7 +9,7 @@ type UpdateSpaceQuotasCommand struct { func (c *UpdateSpaceQuotasCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.QuotaManager.CreateSpaceQuotas() } return err diff --git a/commands/update_space_users.go b/commands/update_space_users.go index 06599aa8..986f1378 100644 --- a/commands/update_space_users.go +++ b/commands/update_space_users.go @@ -10,11 +10,14 @@ type UpdateSpaceUsersCommand struct { // Execute - updates space users func (c *UpdateSpaceUsersCommand) Execute([]string) error { - if cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { - if err := cfMgmt.UserManager.InitializeLdap(c.LdapUser, c.LdapPassword, c.LdapServer); err != nil { - return err - } - defer cfMgmt.UserManager.DeinitializeLdap() + ldapMgr, err := InitializeLdapManager(c.BaseCFConfigCommand, c.BaseLDAPCommand) + if err != nil { + return err + } + if ldapMgr != nil { + defer ldapMgr.Close() + } + if cfMgmt, err := InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, ldapMgr); err == nil { errs := cfMgmt.UserManager.UpdateSpaceUsers() if len(errs) > 0 { return fmt.Errorf("got errors processing update space users %v", errs) diff --git a/commands/update_spaces.go b/commands/update_spaces.go index bb97ce34..23ec9f45 100644 --- a/commands/update_spaces.go +++ b/commands/update_spaces.go @@ -9,7 +9,7 @@ type UpdateSpacesCommand struct { func (c *UpdateSpacesCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SpaceManager.UpdateSpaces() } return err diff --git a/commands/update_spaces_metadata.go b/commands/update_spaces_metadata.go index 08b85ca4..a11cbf55 100644 --- a/commands/update_spaces_metadata.go +++ b/commands/update_spaces_metadata.go @@ -9,7 +9,7 @@ type UpdateSpacesMetadataCommand struct { func (c *UpdateSpacesMetadataCommand) Execute([]string) error { var cfMgmt *CFMgmt var err error - if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek); err == nil { + if cfMgmt, err = InitializePeekManagers(c.BaseCFConfigCommand, c.Peek, nil); err == nil { err = cfMgmt.SpaceManager.UpdateSpacesMetadata() } return err diff --git a/export/exportconfig.go b/export/exportconfig.go index affaf6ea..ee6b134f 100644 --- a/export/exportconfig.go +++ b/export/exportconfig.go @@ -12,6 +12,7 @@ import ( "github.com/vmwarepivotallabs/cf-mgmt/organizationreader" "github.com/vmwarepivotallabs/cf-mgmt/privatedomain" "github.com/vmwarepivotallabs/cf-mgmt/quota" + "github.com/vmwarepivotallabs/cf-mgmt/role" "github.com/vmwarepivotallabs/cf-mgmt/securitygroup" "github.com/vmwarepivotallabs/cf-mgmt/serviceaccess" "github.com/vmwarepivotallabs/cf-mgmt/shareddomain" @@ -34,7 +35,8 @@ func NewExportManager( privateDomainMgr privatedomain.Manager, sharedDomainMgr *shareddomain.Manager, serviceAccessMgr *serviceaccess.Manager, - quotaMgr *quota.Manager) *Manager { + quotaMgr *quota.Manager, + roleMgr role.Manager) *Manager { return &Manager{ ConfigMgr: config.NewManager(configDir), UAAMgr: uaaMgr, @@ -47,6 +49,7 @@ func NewExportManager( SharedDomainManager: sharedDomainMgr, ServiceAccessManager: serviceAccessMgr, QuotaManager: quotaMgr, + RoleManager: roleMgr, } } @@ -55,6 +58,7 @@ type Manager struct { UAAMgr uaa.Manager SpaceManager space.Manager UserManager user.Manager + RoleManager role.Manager OrgReader organizationreader.Reader SecurityGroupManager securitygroup.Manager IsoSegmentManager isosegment.Manager @@ -523,7 +527,7 @@ func (im *Manager) doesSpaceExist(spaces []*resource.Space, spaceName string) bo } func (im *Manager) addOrgUsers(orgConfig *config.OrgConfig, orgGUID string) error { - _, managerRoleUsers, billingManagerRoleUsers, auditorRoleUsers, err := im.UserManager.ListOrgUsersByRole(orgGUID) + _, managerRoleUsers, billingManagerRoleUsers, auditorRoleUsers, err := im.RoleManager.ListOrgUsersByRole(orgGUID) if err != nil { return err } @@ -534,7 +538,7 @@ func (im *Manager) addOrgUsers(orgConfig *config.OrgConfig, orgGUID string) erro } func (im *Manager) addSpaceUsers(spaceConfig *config.SpaceConfig, spaceGUID string) error { - managerRoleUsers, developerRoleUsers, auditorRoleUsers, supporterRoleUsers, err := im.UserManager.ListSpaceUsersByRole(spaceGUID) + managerRoleUsers, developerRoleUsers, auditorRoleUsers, supporterRoleUsers, err := im.RoleManager.ListSpaceUsersByRole(spaceGUID) if err != nil { return err } @@ -545,41 +549,41 @@ func (im *Manager) addSpaceUsers(spaceConfig *config.SpaceConfig, spaceGUID stri return nil } -func (im *Manager) addOrgManagers(orgConfig *config.OrgConfig, orgGUID string, orgMgrs *user.RoleUsers) { +func (im *Manager) addOrgManagers(orgConfig *config.OrgConfig, orgGUID string, orgMgrs *role.RoleUsers) { lo.G.Debugf("Found %d Org Managers for Org: %s", len(orgMgrs.Users()), orgConfig.Org) doAddUsers(orgMgrs, &orgConfig.Manager.Users, &orgConfig.Manager.LDAPUsers, &orgConfig.Manager.SamlUsers) } -func (im *Manager) addBillingManagers(orgConfig *config.OrgConfig, orgGUID string, orgBillingMgrs *user.RoleUsers) { +func (im *Manager) addBillingManagers(orgConfig *config.OrgConfig, orgGUID string, orgBillingMgrs *role.RoleUsers) { lo.G.Debugf("Found %d Org Billing Managers for Org: %s", len(orgBillingMgrs.Users()), orgConfig.Org) doAddUsers(orgBillingMgrs, &orgConfig.BillingManager.Users, &orgConfig.BillingManager.LDAPUsers, &orgConfig.BillingManager.SamlUsers) } -func (im *Manager) addOrgAuditors(orgConfig *config.OrgConfig, orgGUID string, orgAuditors *user.RoleUsers) { +func (im *Manager) addOrgAuditors(orgConfig *config.OrgConfig, orgGUID string, orgAuditors *role.RoleUsers) { lo.G.Debugf("Found %d Org Auditors for Org: %s", len(orgAuditors.Users()), orgConfig.Org) doAddUsers(orgAuditors, &orgConfig.Auditor.Users, &orgConfig.Auditor.LDAPUsers, &orgConfig.Auditor.SamlUsers) } -func (im *Manager) addSpaceManagers(spaceConfig *config.SpaceConfig, spaceGUID string, spaceMgrs *user.RoleUsers) { +func (im *Manager) addSpaceManagers(spaceConfig *config.SpaceConfig, spaceGUID string, spaceMgrs *role.RoleUsers) { lo.G.Debugf("Found %d Space Managers for Org: %s and Space: %s", len(spaceMgrs.Users()), spaceConfig.Org, spaceConfig.Space) doAddUsers(spaceMgrs, &spaceConfig.Manager.Users, &spaceConfig.Manager.LDAPUsers, &spaceConfig.Manager.SamlUsers) } -func (im *Manager) addSpaceDevelopers(spaceConfig *config.SpaceConfig, spaceGUID string, spaceDevs *user.RoleUsers) { +func (im *Manager) addSpaceDevelopers(spaceConfig *config.SpaceConfig, spaceGUID string, spaceDevs *role.RoleUsers) { lo.G.Debugf("Found %d Space Developers for Org: %s and Space: %s", len(spaceDevs.Users()), spaceConfig.Org, spaceConfig.Space) doAddUsers(spaceDevs, &spaceConfig.Developer.Users, &spaceConfig.Developer.LDAPUsers, &spaceConfig.Developer.SamlUsers) } -func (im *Manager) addSpaceAuditors(spaceConfig *config.SpaceConfig, spaceGUID string, spaceAuditors *user.RoleUsers) { +func (im *Manager) addSpaceAuditors(spaceConfig *config.SpaceConfig, spaceGUID string, spaceAuditors *role.RoleUsers) { lo.G.Debugf("Found %d Space Auditors for Org: %s and Space: %s", len(spaceAuditors.Users()), spaceConfig.Org, spaceConfig.Space) doAddUsers(spaceAuditors, &spaceConfig.Auditor.Users, &spaceConfig.Auditor.LDAPUsers, &spaceConfig.Auditor.SamlUsers) } -func (im *Manager) addSpaceSupporters(spaceConfig *config.SpaceConfig, spaceGUID string, spaceSupporters *user.RoleUsers) { +func (im *Manager) addSpaceSupporters(spaceConfig *config.SpaceConfig, spaceGUID string, spaceSupporters *role.RoleUsers) { lo.G.Debugf("Found %d Space Supporters for Org: %s and Space: %s", len(spaceSupporters.Users()), spaceConfig.Org, spaceConfig.Space) doAddUsers(spaceSupporters, &spaceConfig.Supporter.Users, &spaceConfig.Supporter.LDAPUsers, &spaceConfig.Supporter.SamlUsers) } -func doAddUsers(roleUser *user.RoleUsers, uaaUsers *[]string, ldapUsers *[]string, samlUsers *[]string) { +func doAddUsers(roleUser *role.RoleUsers, uaaUsers *[]string, ldapUsers *[]string, samlUsers *[]string) { for _, cfUser := range roleUser.Users() { if cfUser.Origin == "uaa" { *uaaUsers = append(*uaaUsers, cfUser.UserName) diff --git a/role/definition.go b/role/definition.go new file mode 100644 index 00000000..9ef70c65 --- /dev/null +++ b/role/definition.go @@ -0,0 +1,7 @@ +package role + +//go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 -generate +//counterfeiter:generate -o fakes/fake_manager.go types.go Manager +//counterfeiter:generate -o fakes/fake_cf_role_client.go types.go CFRoleClient +//counterfeiter:generate -o fakes/fake_cf_user_client.go types.go CFUserClient +//counterfeiter:generate -o fakes/fake_cf_job_client.go types.go CFJobClient diff --git a/role/fakes/fake_cf_job_client.go b/role/fakes/fake_cf_job_client.go new file mode 100644 index 00000000..64bb4802 --- /dev/null +++ b/role/fakes/fake_cf_job_client.go @@ -0,0 +1,117 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "context" + "sync" + + "github.com/cloudfoundry-community/go-cfclient/v3/client" + "github.com/vmwarepivotallabs/cf-mgmt/role" +) + +type FakeCFJobClient struct { + PollCompleteStub func(context.Context, string, *client.PollingOptions) error + pollCompleteMutex sync.RWMutex + pollCompleteArgsForCall []struct { + arg1 context.Context + arg2 string + arg3 *client.PollingOptions + } + pollCompleteReturns struct { + result1 error + } + pollCompleteReturnsOnCall map[int]struct { + result1 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeCFJobClient) PollComplete(arg1 context.Context, arg2 string, arg3 *client.PollingOptions) error { + fake.pollCompleteMutex.Lock() + ret, specificReturn := fake.pollCompleteReturnsOnCall[len(fake.pollCompleteArgsForCall)] + fake.pollCompleteArgsForCall = append(fake.pollCompleteArgsForCall, struct { + arg1 context.Context + arg2 string + arg3 *client.PollingOptions + }{arg1, arg2, arg3}) + stub := fake.PollCompleteStub + fakeReturns := fake.pollCompleteReturns + fake.recordInvocation("PollComplete", []interface{}{arg1, arg2, arg3}) + fake.pollCompleteMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeCFJobClient) PollCompleteCallCount() int { + fake.pollCompleteMutex.RLock() + defer fake.pollCompleteMutex.RUnlock() + return len(fake.pollCompleteArgsForCall) +} + +func (fake *FakeCFJobClient) PollCompleteCalls(stub func(context.Context, string, *client.PollingOptions) error) { + fake.pollCompleteMutex.Lock() + defer fake.pollCompleteMutex.Unlock() + fake.PollCompleteStub = stub +} + +func (fake *FakeCFJobClient) PollCompleteArgsForCall(i int) (context.Context, string, *client.PollingOptions) { + fake.pollCompleteMutex.RLock() + defer fake.pollCompleteMutex.RUnlock() + argsForCall := fake.pollCompleteArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 +} + +func (fake *FakeCFJobClient) PollCompleteReturns(result1 error) { + fake.pollCompleteMutex.Lock() + defer fake.pollCompleteMutex.Unlock() + fake.PollCompleteStub = nil + fake.pollCompleteReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeCFJobClient) PollCompleteReturnsOnCall(i int, result1 error) { + fake.pollCompleteMutex.Lock() + defer fake.pollCompleteMutex.Unlock() + fake.PollCompleteStub = nil + if fake.pollCompleteReturnsOnCall == nil { + fake.pollCompleteReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.pollCompleteReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeCFJobClient) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.pollCompleteMutex.RLock() + defer fake.pollCompleteMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeCFJobClient) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ role.CFJobClient = new(FakeCFJobClient) diff --git a/role/fakes/fake_cf_role_client.go b/role/fakes/fake_cf_role_client.go new file mode 100644 index 00000000..61cb5427 --- /dev/null +++ b/role/fakes/fake_cf_role_client.go @@ -0,0 +1,372 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "context" + "sync" + + "github.com/cloudfoundry-community/go-cfclient/v3/client" + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + "github.com/vmwarepivotallabs/cf-mgmt/role" +) + +type FakeCFRoleClient struct { + CreateOrganizationRoleStub func(context.Context, string, string, resource.OrganizationRoleType) (*resource.Role, error) + createOrganizationRoleMutex sync.RWMutex + createOrganizationRoleArgsForCall []struct { + arg1 context.Context + arg2 string + arg3 string + arg4 resource.OrganizationRoleType + } + createOrganizationRoleReturns struct { + result1 *resource.Role + result2 error + } + createOrganizationRoleReturnsOnCall map[int]struct { + result1 *resource.Role + result2 error + } + CreateSpaceRoleStub func(context.Context, string, string, resource.SpaceRoleType) (*resource.Role, error) + createSpaceRoleMutex sync.RWMutex + createSpaceRoleArgsForCall []struct { + arg1 context.Context + arg2 string + arg3 string + arg4 resource.SpaceRoleType + } + createSpaceRoleReturns struct { + result1 *resource.Role + result2 error + } + createSpaceRoleReturnsOnCall map[int]struct { + result1 *resource.Role + result2 error + } + DeleteStub func(context.Context, string) (string, error) + deleteMutex sync.RWMutex + deleteArgsForCall []struct { + arg1 context.Context + arg2 string + } + deleteReturns struct { + result1 string + result2 error + } + deleteReturnsOnCall map[int]struct { + result1 string + result2 error + } + ListAllStub func(context.Context, *client.RoleListOptions) ([]*resource.Role, error) + listAllMutex sync.RWMutex + listAllArgsForCall []struct { + arg1 context.Context + arg2 *client.RoleListOptions + } + listAllReturns struct { + result1 []*resource.Role + result2 error + } + listAllReturnsOnCall map[int]struct { + result1 []*resource.Role + result2 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeCFRoleClient) CreateOrganizationRole(arg1 context.Context, arg2 string, arg3 string, arg4 resource.OrganizationRoleType) (*resource.Role, error) { + fake.createOrganizationRoleMutex.Lock() + ret, specificReturn := fake.createOrganizationRoleReturnsOnCall[len(fake.createOrganizationRoleArgsForCall)] + fake.createOrganizationRoleArgsForCall = append(fake.createOrganizationRoleArgsForCall, struct { + arg1 context.Context + arg2 string + arg3 string + arg4 resource.OrganizationRoleType + }{arg1, arg2, arg3, arg4}) + stub := fake.CreateOrganizationRoleStub + fakeReturns := fake.createOrganizationRoleReturns + fake.recordInvocation("CreateOrganizationRole", []interface{}{arg1, arg2, arg3, arg4}) + fake.createOrganizationRoleMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1, ret.result2 + } + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeCFRoleClient) CreateOrganizationRoleCallCount() int { + fake.createOrganizationRoleMutex.RLock() + defer fake.createOrganizationRoleMutex.RUnlock() + return len(fake.createOrganizationRoleArgsForCall) +} + +func (fake *FakeCFRoleClient) CreateOrganizationRoleCalls(stub func(context.Context, string, string, resource.OrganizationRoleType) (*resource.Role, error)) { + fake.createOrganizationRoleMutex.Lock() + defer fake.createOrganizationRoleMutex.Unlock() + fake.CreateOrganizationRoleStub = stub +} + +func (fake *FakeCFRoleClient) CreateOrganizationRoleArgsForCall(i int) (context.Context, string, string, resource.OrganizationRoleType) { + fake.createOrganizationRoleMutex.RLock() + defer fake.createOrganizationRoleMutex.RUnlock() + argsForCall := fake.createOrganizationRoleArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeCFRoleClient) CreateOrganizationRoleReturns(result1 *resource.Role, result2 error) { + fake.createOrganizationRoleMutex.Lock() + defer fake.createOrganizationRoleMutex.Unlock() + fake.CreateOrganizationRoleStub = nil + fake.createOrganizationRoleReturns = struct { + result1 *resource.Role + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) CreateOrganizationRoleReturnsOnCall(i int, result1 *resource.Role, result2 error) { + fake.createOrganizationRoleMutex.Lock() + defer fake.createOrganizationRoleMutex.Unlock() + fake.CreateOrganizationRoleStub = nil + if fake.createOrganizationRoleReturnsOnCall == nil { + fake.createOrganizationRoleReturnsOnCall = make(map[int]struct { + result1 *resource.Role + result2 error + }) + } + fake.createOrganizationRoleReturnsOnCall[i] = struct { + result1 *resource.Role + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) CreateSpaceRole(arg1 context.Context, arg2 string, arg3 string, arg4 resource.SpaceRoleType) (*resource.Role, error) { + fake.createSpaceRoleMutex.Lock() + ret, specificReturn := fake.createSpaceRoleReturnsOnCall[len(fake.createSpaceRoleArgsForCall)] + fake.createSpaceRoleArgsForCall = append(fake.createSpaceRoleArgsForCall, struct { + arg1 context.Context + arg2 string + arg3 string + arg4 resource.SpaceRoleType + }{arg1, arg2, arg3, arg4}) + stub := fake.CreateSpaceRoleStub + fakeReturns := fake.createSpaceRoleReturns + fake.recordInvocation("CreateSpaceRole", []interface{}{arg1, arg2, arg3, arg4}) + fake.createSpaceRoleMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1, ret.result2 + } + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeCFRoleClient) CreateSpaceRoleCallCount() int { + fake.createSpaceRoleMutex.RLock() + defer fake.createSpaceRoleMutex.RUnlock() + return len(fake.createSpaceRoleArgsForCall) +} + +func (fake *FakeCFRoleClient) CreateSpaceRoleCalls(stub func(context.Context, string, string, resource.SpaceRoleType) (*resource.Role, error)) { + fake.createSpaceRoleMutex.Lock() + defer fake.createSpaceRoleMutex.Unlock() + fake.CreateSpaceRoleStub = stub +} + +func (fake *FakeCFRoleClient) CreateSpaceRoleArgsForCall(i int) (context.Context, string, string, resource.SpaceRoleType) { + fake.createSpaceRoleMutex.RLock() + defer fake.createSpaceRoleMutex.RUnlock() + argsForCall := fake.createSpaceRoleArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeCFRoleClient) CreateSpaceRoleReturns(result1 *resource.Role, result2 error) { + fake.createSpaceRoleMutex.Lock() + defer fake.createSpaceRoleMutex.Unlock() + fake.CreateSpaceRoleStub = nil + fake.createSpaceRoleReturns = struct { + result1 *resource.Role + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) CreateSpaceRoleReturnsOnCall(i int, result1 *resource.Role, result2 error) { + fake.createSpaceRoleMutex.Lock() + defer fake.createSpaceRoleMutex.Unlock() + fake.CreateSpaceRoleStub = nil + if fake.createSpaceRoleReturnsOnCall == nil { + fake.createSpaceRoleReturnsOnCall = make(map[int]struct { + result1 *resource.Role + result2 error + }) + } + fake.createSpaceRoleReturnsOnCall[i] = struct { + result1 *resource.Role + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) Delete(arg1 context.Context, arg2 string) (string, error) { + fake.deleteMutex.Lock() + ret, specificReturn := fake.deleteReturnsOnCall[len(fake.deleteArgsForCall)] + fake.deleteArgsForCall = append(fake.deleteArgsForCall, struct { + arg1 context.Context + arg2 string + }{arg1, arg2}) + stub := fake.DeleteStub + fakeReturns := fake.deleteReturns + fake.recordInvocation("Delete", []interface{}{arg1, arg2}) + fake.deleteMutex.Unlock() + if stub != nil { + return stub(arg1, arg2) + } + if specificReturn { + return ret.result1, ret.result2 + } + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeCFRoleClient) DeleteCallCount() int { + fake.deleteMutex.RLock() + defer fake.deleteMutex.RUnlock() + return len(fake.deleteArgsForCall) +} + +func (fake *FakeCFRoleClient) DeleteCalls(stub func(context.Context, string) (string, error)) { + fake.deleteMutex.Lock() + defer fake.deleteMutex.Unlock() + fake.DeleteStub = stub +} + +func (fake *FakeCFRoleClient) DeleteArgsForCall(i int) (context.Context, string) { + fake.deleteMutex.RLock() + defer fake.deleteMutex.RUnlock() + argsForCall := fake.deleteArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCFRoleClient) DeleteReturns(result1 string, result2 error) { + fake.deleteMutex.Lock() + defer fake.deleteMutex.Unlock() + fake.DeleteStub = nil + fake.deleteReturns = struct { + result1 string + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) DeleteReturnsOnCall(i int, result1 string, result2 error) { + fake.deleteMutex.Lock() + defer fake.deleteMutex.Unlock() + fake.DeleteStub = nil + if fake.deleteReturnsOnCall == nil { + fake.deleteReturnsOnCall = make(map[int]struct { + result1 string + result2 error + }) + } + fake.deleteReturnsOnCall[i] = struct { + result1 string + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) ListAll(arg1 context.Context, arg2 *client.RoleListOptions) ([]*resource.Role, error) { + fake.listAllMutex.Lock() + ret, specificReturn := fake.listAllReturnsOnCall[len(fake.listAllArgsForCall)] + fake.listAllArgsForCall = append(fake.listAllArgsForCall, struct { + arg1 context.Context + arg2 *client.RoleListOptions + }{arg1, arg2}) + stub := fake.ListAllStub + fakeReturns := fake.listAllReturns + fake.recordInvocation("ListAll", []interface{}{arg1, arg2}) + fake.listAllMutex.Unlock() + if stub != nil { + return stub(arg1, arg2) + } + if specificReturn { + return ret.result1, ret.result2 + } + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeCFRoleClient) ListAllCallCount() int { + fake.listAllMutex.RLock() + defer fake.listAllMutex.RUnlock() + return len(fake.listAllArgsForCall) +} + +func (fake *FakeCFRoleClient) ListAllCalls(stub func(context.Context, *client.RoleListOptions) ([]*resource.Role, error)) { + fake.listAllMutex.Lock() + defer fake.listAllMutex.Unlock() + fake.ListAllStub = stub +} + +func (fake *FakeCFRoleClient) ListAllArgsForCall(i int) (context.Context, *client.RoleListOptions) { + fake.listAllMutex.RLock() + defer fake.listAllMutex.RUnlock() + argsForCall := fake.listAllArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCFRoleClient) ListAllReturns(result1 []*resource.Role, result2 error) { + fake.listAllMutex.Lock() + defer fake.listAllMutex.Unlock() + fake.ListAllStub = nil + fake.listAllReturns = struct { + result1 []*resource.Role + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) ListAllReturnsOnCall(i int, result1 []*resource.Role, result2 error) { + fake.listAllMutex.Lock() + defer fake.listAllMutex.Unlock() + fake.ListAllStub = nil + if fake.listAllReturnsOnCall == nil { + fake.listAllReturnsOnCall = make(map[int]struct { + result1 []*resource.Role + result2 error + }) + } + fake.listAllReturnsOnCall[i] = struct { + result1 []*resource.Role + result2 error + }{result1, result2} +} + +func (fake *FakeCFRoleClient) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.createOrganizationRoleMutex.RLock() + defer fake.createOrganizationRoleMutex.RUnlock() + fake.createSpaceRoleMutex.RLock() + defer fake.createSpaceRoleMutex.RUnlock() + fake.deleteMutex.RLock() + defer fake.deleteMutex.RUnlock() + fake.listAllMutex.RLock() + defer fake.listAllMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeCFRoleClient) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ role.CFRoleClient = new(FakeCFRoleClient) diff --git a/role/fakes/fake_cf_user_client.go b/role/fakes/fake_cf_user_client.go new file mode 100644 index 00000000..98db1623 --- /dev/null +++ b/role/fakes/fake_cf_user_client.go @@ -0,0 +1,202 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "context" + "sync" + + "github.com/cloudfoundry-community/go-cfclient/v3/client" + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + "github.com/vmwarepivotallabs/cf-mgmt/role" +) + +type FakeCFUserClient struct { + DeleteStub func(context.Context, string) (string, error) + deleteMutex sync.RWMutex + deleteArgsForCall []struct { + arg1 context.Context + arg2 string + } + deleteReturns struct { + result1 string + result2 error + } + deleteReturnsOnCall map[int]struct { + result1 string + result2 error + } + ListAllStub func(context.Context, *client.UserListOptions) ([]*resource.User, error) + listAllMutex sync.RWMutex + listAllArgsForCall []struct { + arg1 context.Context + arg2 *client.UserListOptions + } + listAllReturns struct { + result1 []*resource.User + result2 error + } + listAllReturnsOnCall map[int]struct { + result1 []*resource.User + result2 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeCFUserClient) Delete(arg1 context.Context, arg2 string) (string, error) { + fake.deleteMutex.Lock() + ret, specificReturn := fake.deleteReturnsOnCall[len(fake.deleteArgsForCall)] + fake.deleteArgsForCall = append(fake.deleteArgsForCall, struct { + arg1 context.Context + arg2 string + }{arg1, arg2}) + stub := fake.DeleteStub + fakeReturns := fake.deleteReturns + fake.recordInvocation("Delete", []interface{}{arg1, arg2}) + fake.deleteMutex.Unlock() + if stub != nil { + return stub(arg1, arg2) + } + if specificReturn { + return ret.result1, ret.result2 + } + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeCFUserClient) DeleteCallCount() int { + fake.deleteMutex.RLock() + defer fake.deleteMutex.RUnlock() + return len(fake.deleteArgsForCall) +} + +func (fake *FakeCFUserClient) DeleteCalls(stub func(context.Context, string) (string, error)) { + fake.deleteMutex.Lock() + defer fake.deleteMutex.Unlock() + fake.DeleteStub = stub +} + +func (fake *FakeCFUserClient) DeleteArgsForCall(i int) (context.Context, string) { + fake.deleteMutex.RLock() + defer fake.deleteMutex.RUnlock() + argsForCall := fake.deleteArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCFUserClient) DeleteReturns(result1 string, result2 error) { + fake.deleteMutex.Lock() + defer fake.deleteMutex.Unlock() + fake.DeleteStub = nil + fake.deleteReturns = struct { + result1 string + result2 error + }{result1, result2} +} + +func (fake *FakeCFUserClient) DeleteReturnsOnCall(i int, result1 string, result2 error) { + fake.deleteMutex.Lock() + defer fake.deleteMutex.Unlock() + fake.DeleteStub = nil + if fake.deleteReturnsOnCall == nil { + fake.deleteReturnsOnCall = make(map[int]struct { + result1 string + result2 error + }) + } + fake.deleteReturnsOnCall[i] = struct { + result1 string + result2 error + }{result1, result2} +} + +func (fake *FakeCFUserClient) ListAll(arg1 context.Context, arg2 *client.UserListOptions) ([]*resource.User, error) { + fake.listAllMutex.Lock() + ret, specificReturn := fake.listAllReturnsOnCall[len(fake.listAllArgsForCall)] + fake.listAllArgsForCall = append(fake.listAllArgsForCall, struct { + arg1 context.Context + arg2 *client.UserListOptions + }{arg1, arg2}) + stub := fake.ListAllStub + fakeReturns := fake.listAllReturns + fake.recordInvocation("ListAll", []interface{}{arg1, arg2}) + fake.listAllMutex.Unlock() + if stub != nil { + return stub(arg1, arg2) + } + if specificReturn { + return ret.result1, ret.result2 + } + return fakeReturns.result1, fakeReturns.result2 +} + +func (fake *FakeCFUserClient) ListAllCallCount() int { + fake.listAllMutex.RLock() + defer fake.listAllMutex.RUnlock() + return len(fake.listAllArgsForCall) +} + +func (fake *FakeCFUserClient) ListAllCalls(stub func(context.Context, *client.UserListOptions) ([]*resource.User, error)) { + fake.listAllMutex.Lock() + defer fake.listAllMutex.Unlock() + fake.ListAllStub = stub +} + +func (fake *FakeCFUserClient) ListAllArgsForCall(i int) (context.Context, *client.UserListOptions) { + fake.listAllMutex.RLock() + defer fake.listAllMutex.RUnlock() + argsForCall := fake.listAllArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2 +} + +func (fake *FakeCFUserClient) ListAllReturns(result1 []*resource.User, result2 error) { + fake.listAllMutex.Lock() + defer fake.listAllMutex.Unlock() + fake.ListAllStub = nil + fake.listAllReturns = struct { + result1 []*resource.User + result2 error + }{result1, result2} +} + +func (fake *FakeCFUserClient) ListAllReturnsOnCall(i int, result1 []*resource.User, result2 error) { + fake.listAllMutex.Lock() + defer fake.listAllMutex.Unlock() + fake.ListAllStub = nil + if fake.listAllReturnsOnCall == nil { + fake.listAllReturnsOnCall = make(map[int]struct { + result1 []*resource.User + result2 error + }) + } + fake.listAllReturnsOnCall[i] = struct { + result1 []*resource.User + result2 error + }{result1, result2} +} + +func (fake *FakeCFUserClient) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.deleteMutex.RLock() + defer fake.deleteMutex.RUnlock() + fake.listAllMutex.RLock() + defer fake.listAllMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeCFUserClient) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ role.CFUserClient = new(FakeCFUserClient) diff --git a/role/fakes/fake_manager.go b/role/fakes/fake_manager.go new file mode 100644 index 00000000..afe54910 --- /dev/null +++ b/role/fakes/fake_manager.go @@ -0,0 +1,1543 @@ +// Code generated by counterfeiter. DO NOT EDIT. +package fakes + +import ( + "sync" + + "github.com/vmwarepivotallabs/cf-mgmt/role" +) + +type FakeManager struct { + AssociateOrgAuditorStub func(string, string, string, string, string) error + associateOrgAuditorMutex sync.RWMutex + associateOrgAuditorArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + } + associateOrgAuditorReturns struct { + result1 error + } + associateOrgAuditorReturnsOnCall map[int]struct { + result1 error + } + AssociateOrgBillingManagerStub func(string, string, string, string, string) error + associateOrgBillingManagerMutex sync.RWMutex + associateOrgBillingManagerArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + } + associateOrgBillingManagerReturns struct { + result1 error + } + associateOrgBillingManagerReturnsOnCall map[int]struct { + result1 error + } + AssociateOrgManagerStub func(string, string, string, string, string) error + associateOrgManagerMutex sync.RWMutex + associateOrgManagerArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + } + associateOrgManagerReturns struct { + result1 error + } + associateOrgManagerReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceAuditorStub func(string, string, string, string, string) error + associateSpaceAuditorMutex sync.RWMutex + associateSpaceAuditorArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + } + associateSpaceAuditorReturns struct { + result1 error + } + associateSpaceAuditorReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceDeveloperStub func(string, string, string, string, string) error + associateSpaceDeveloperMutex sync.RWMutex + associateSpaceDeveloperArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + } + associateSpaceDeveloperReturns struct { + result1 error + } + associateSpaceDeveloperReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceManagerStub func(string, string, string, string, string) error + associateSpaceManagerMutex sync.RWMutex + associateSpaceManagerArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + } + associateSpaceManagerReturns struct { + result1 error + } + associateSpaceManagerReturnsOnCall map[int]struct { + result1 error + } + AssociateSpaceSupporterStub func(string, string, string, string, string) error + associateSpaceSupporterMutex sync.RWMutex + associateSpaceSupporterArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + } + associateSpaceSupporterReturns struct { + result1 error + } + associateSpaceSupporterReturnsOnCall map[int]struct { + result1 error + } + ClearRolesStub func() + clearRolesMutex sync.RWMutex + clearRolesArgsForCall []struct { + } + DeleteUserStub func(string) error + deleteUserMutex sync.RWMutex + deleteUserArgsForCall []struct { + arg1 string + } + deleteUserReturns struct { + result1 error + } + deleteUserReturnsOnCall map[int]struct { + result1 error + } + ListOrgUsersByRoleStub func(string) (*role.RoleUsers, *role.RoleUsers, *role.RoleUsers, *role.RoleUsers, error) + listOrgUsersByRoleMutex sync.RWMutex + listOrgUsersByRoleArgsForCall []struct { + arg1 string + } + listOrgUsersByRoleReturns struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + } + listOrgUsersByRoleReturnsOnCall map[int]struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + } + ListSpaceUsersByRoleStub func(string) (*role.RoleUsers, *role.RoleUsers, *role.RoleUsers, *role.RoleUsers, error) + listSpaceUsersByRoleMutex sync.RWMutex + listSpaceUsersByRoleArgsForCall []struct { + arg1 string + } + listSpaceUsersByRoleReturns struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + } + listSpaceUsersByRoleReturnsOnCall map[int]struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + } + RemoveOrgAuditorStub func(string, string, string, string) error + removeOrgAuditorMutex sync.RWMutex + removeOrgAuditorArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeOrgAuditorReturns struct { + result1 error + } + removeOrgAuditorReturnsOnCall map[int]struct { + result1 error + } + RemoveOrgBillingManagerStub func(string, string, string, string) error + removeOrgBillingManagerMutex sync.RWMutex + removeOrgBillingManagerArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeOrgBillingManagerReturns struct { + result1 error + } + removeOrgBillingManagerReturnsOnCall map[int]struct { + result1 error + } + RemoveOrgManagerStub func(string, string, string, string) error + removeOrgManagerMutex sync.RWMutex + removeOrgManagerArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeOrgManagerReturns struct { + result1 error + } + removeOrgManagerReturnsOnCall map[int]struct { + result1 error + } + RemoveOrgUserStub func(string, string, string, string) error + removeOrgUserMutex sync.RWMutex + removeOrgUserArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeOrgUserReturns struct { + result1 error + } + removeOrgUserReturnsOnCall map[int]struct { + result1 error + } + RemoveSpaceAuditorStub func(string, string, string, string) error + removeSpaceAuditorMutex sync.RWMutex + removeSpaceAuditorArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeSpaceAuditorReturns struct { + result1 error + } + removeSpaceAuditorReturnsOnCall map[int]struct { + result1 error + } + RemoveSpaceDeveloperStub func(string, string, string, string) error + removeSpaceDeveloperMutex sync.RWMutex + removeSpaceDeveloperArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeSpaceDeveloperReturns struct { + result1 error + } + removeSpaceDeveloperReturnsOnCall map[int]struct { + result1 error + } + RemoveSpaceManagerStub func(string, string, string, string) error + removeSpaceManagerMutex sync.RWMutex + removeSpaceManagerArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeSpaceManagerReturns struct { + result1 error + } + removeSpaceManagerReturnsOnCall map[int]struct { + result1 error + } + RemoveSpaceSupporterStub func(string, string, string, string) error + removeSpaceSupporterMutex sync.RWMutex + removeSpaceSupporterArgsForCall []struct { + arg1 string + arg2 string + arg3 string + arg4 string + } + removeSpaceSupporterReturns struct { + result1 error + } + removeSpaceSupporterReturnsOnCall map[int]struct { + result1 error + } + invocations map[string][][]interface{} + invocationsMutex sync.RWMutex +} + +func (fake *FakeManager) AssociateOrgAuditor(arg1 string, arg2 string, arg3 string, arg4 string, arg5 string) error { + fake.associateOrgAuditorMutex.Lock() + ret, specificReturn := fake.associateOrgAuditorReturnsOnCall[len(fake.associateOrgAuditorArgsForCall)] + fake.associateOrgAuditorArgsForCall = append(fake.associateOrgAuditorArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + }{arg1, arg2, arg3, arg4, arg5}) + stub := fake.AssociateOrgAuditorStub + fakeReturns := fake.associateOrgAuditorReturns + fake.recordInvocation("AssociateOrgAuditor", []interface{}{arg1, arg2, arg3, arg4, arg5}) + fake.associateOrgAuditorMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4, arg5) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateOrgAuditorCallCount() int { + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + return len(fake.associateOrgAuditorArgsForCall) +} + +func (fake *FakeManager) AssociateOrgAuditorCalls(stub func(string, string, string, string, string) error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = stub +} + +func (fake *FakeManager) AssociateOrgAuditorArgsForCall(i int) (string, string, string, string, string) { + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + argsForCall := fake.associateOrgAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5 +} + +func (fake *FakeManager) AssociateOrgAuditorReturns(result1 error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = nil + fake.associateOrgAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateOrgAuditorReturnsOnCall(i int, result1 error) { + fake.associateOrgAuditorMutex.Lock() + defer fake.associateOrgAuditorMutex.Unlock() + fake.AssociateOrgAuditorStub = nil + if fake.associateOrgAuditorReturnsOnCall == nil { + fake.associateOrgAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateOrgAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateOrgBillingManager(arg1 string, arg2 string, arg3 string, arg4 string, arg5 string) error { + fake.associateOrgBillingManagerMutex.Lock() + ret, specificReturn := fake.associateOrgBillingManagerReturnsOnCall[len(fake.associateOrgBillingManagerArgsForCall)] + fake.associateOrgBillingManagerArgsForCall = append(fake.associateOrgBillingManagerArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + }{arg1, arg2, arg3, arg4, arg5}) + stub := fake.AssociateOrgBillingManagerStub + fakeReturns := fake.associateOrgBillingManagerReturns + fake.recordInvocation("AssociateOrgBillingManager", []interface{}{arg1, arg2, arg3, arg4, arg5}) + fake.associateOrgBillingManagerMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4, arg5) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateOrgBillingManagerCallCount() int { + fake.associateOrgBillingManagerMutex.RLock() + defer fake.associateOrgBillingManagerMutex.RUnlock() + return len(fake.associateOrgBillingManagerArgsForCall) +} + +func (fake *FakeManager) AssociateOrgBillingManagerCalls(stub func(string, string, string, string, string) error) { + fake.associateOrgBillingManagerMutex.Lock() + defer fake.associateOrgBillingManagerMutex.Unlock() + fake.AssociateOrgBillingManagerStub = stub +} + +func (fake *FakeManager) AssociateOrgBillingManagerArgsForCall(i int) (string, string, string, string, string) { + fake.associateOrgBillingManagerMutex.RLock() + defer fake.associateOrgBillingManagerMutex.RUnlock() + argsForCall := fake.associateOrgBillingManagerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5 +} + +func (fake *FakeManager) AssociateOrgBillingManagerReturns(result1 error) { + fake.associateOrgBillingManagerMutex.Lock() + defer fake.associateOrgBillingManagerMutex.Unlock() + fake.AssociateOrgBillingManagerStub = nil + fake.associateOrgBillingManagerReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateOrgBillingManagerReturnsOnCall(i int, result1 error) { + fake.associateOrgBillingManagerMutex.Lock() + defer fake.associateOrgBillingManagerMutex.Unlock() + fake.AssociateOrgBillingManagerStub = nil + if fake.associateOrgBillingManagerReturnsOnCall == nil { + fake.associateOrgBillingManagerReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateOrgBillingManagerReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateOrgManager(arg1 string, arg2 string, arg3 string, arg4 string, arg5 string) error { + fake.associateOrgManagerMutex.Lock() + ret, specificReturn := fake.associateOrgManagerReturnsOnCall[len(fake.associateOrgManagerArgsForCall)] + fake.associateOrgManagerArgsForCall = append(fake.associateOrgManagerArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + }{arg1, arg2, arg3, arg4, arg5}) + stub := fake.AssociateOrgManagerStub + fakeReturns := fake.associateOrgManagerReturns + fake.recordInvocation("AssociateOrgManager", []interface{}{arg1, arg2, arg3, arg4, arg5}) + fake.associateOrgManagerMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4, arg5) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateOrgManagerCallCount() int { + fake.associateOrgManagerMutex.RLock() + defer fake.associateOrgManagerMutex.RUnlock() + return len(fake.associateOrgManagerArgsForCall) +} + +func (fake *FakeManager) AssociateOrgManagerCalls(stub func(string, string, string, string, string) error) { + fake.associateOrgManagerMutex.Lock() + defer fake.associateOrgManagerMutex.Unlock() + fake.AssociateOrgManagerStub = stub +} + +func (fake *FakeManager) AssociateOrgManagerArgsForCall(i int) (string, string, string, string, string) { + fake.associateOrgManagerMutex.RLock() + defer fake.associateOrgManagerMutex.RUnlock() + argsForCall := fake.associateOrgManagerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5 +} + +func (fake *FakeManager) AssociateOrgManagerReturns(result1 error) { + fake.associateOrgManagerMutex.Lock() + defer fake.associateOrgManagerMutex.Unlock() + fake.AssociateOrgManagerStub = nil + fake.associateOrgManagerReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateOrgManagerReturnsOnCall(i int, result1 error) { + fake.associateOrgManagerMutex.Lock() + defer fake.associateOrgManagerMutex.Unlock() + fake.AssociateOrgManagerStub = nil + if fake.associateOrgManagerReturnsOnCall == nil { + fake.associateOrgManagerReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateOrgManagerReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceAuditor(arg1 string, arg2 string, arg3 string, arg4 string, arg5 string) error { + fake.associateSpaceAuditorMutex.Lock() + ret, specificReturn := fake.associateSpaceAuditorReturnsOnCall[len(fake.associateSpaceAuditorArgsForCall)] + fake.associateSpaceAuditorArgsForCall = append(fake.associateSpaceAuditorArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + }{arg1, arg2, arg3, arg4, arg5}) + stub := fake.AssociateSpaceAuditorStub + fakeReturns := fake.associateSpaceAuditorReturns + fake.recordInvocation("AssociateSpaceAuditor", []interface{}{arg1, arg2, arg3, arg4, arg5}) + fake.associateSpaceAuditorMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4, arg5) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateSpaceAuditorCallCount() int { + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + return len(fake.associateSpaceAuditorArgsForCall) +} + +func (fake *FakeManager) AssociateSpaceAuditorCalls(stub func(string, string, string, string, string) error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = stub +} + +func (fake *FakeManager) AssociateSpaceAuditorArgsForCall(i int) (string, string, string, string, string) { + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + argsForCall := fake.associateSpaceAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5 +} + +func (fake *FakeManager) AssociateSpaceAuditorReturns(result1 error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = nil + fake.associateSpaceAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceAuditorReturnsOnCall(i int, result1 error) { + fake.associateSpaceAuditorMutex.Lock() + defer fake.associateSpaceAuditorMutex.Unlock() + fake.AssociateSpaceAuditorStub = nil + if fake.associateSpaceAuditorReturnsOnCall == nil { + fake.associateSpaceAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceDeveloper(arg1 string, arg2 string, arg3 string, arg4 string, arg5 string) error { + fake.associateSpaceDeveloperMutex.Lock() + ret, specificReturn := fake.associateSpaceDeveloperReturnsOnCall[len(fake.associateSpaceDeveloperArgsForCall)] + fake.associateSpaceDeveloperArgsForCall = append(fake.associateSpaceDeveloperArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + }{arg1, arg2, arg3, arg4, arg5}) + stub := fake.AssociateSpaceDeveloperStub + fakeReturns := fake.associateSpaceDeveloperReturns + fake.recordInvocation("AssociateSpaceDeveloper", []interface{}{arg1, arg2, arg3, arg4, arg5}) + fake.associateSpaceDeveloperMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4, arg5) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateSpaceDeveloperCallCount() int { + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() + return len(fake.associateSpaceDeveloperArgsForCall) +} + +func (fake *FakeManager) AssociateSpaceDeveloperCalls(stub func(string, string, string, string, string) error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = stub +} + +func (fake *FakeManager) AssociateSpaceDeveloperArgsForCall(i int) (string, string, string, string, string) { + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() + argsForCall := fake.associateSpaceDeveloperArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5 +} + +func (fake *FakeManager) AssociateSpaceDeveloperReturns(result1 error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = nil + fake.associateSpaceDeveloperReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceDeveloperReturnsOnCall(i int, result1 error) { + fake.associateSpaceDeveloperMutex.Lock() + defer fake.associateSpaceDeveloperMutex.Unlock() + fake.AssociateSpaceDeveloperStub = nil + if fake.associateSpaceDeveloperReturnsOnCall == nil { + fake.associateSpaceDeveloperReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceDeveloperReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceManager(arg1 string, arg2 string, arg3 string, arg4 string, arg5 string) error { + fake.associateSpaceManagerMutex.Lock() + ret, specificReturn := fake.associateSpaceManagerReturnsOnCall[len(fake.associateSpaceManagerArgsForCall)] + fake.associateSpaceManagerArgsForCall = append(fake.associateSpaceManagerArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + }{arg1, arg2, arg3, arg4, arg5}) + stub := fake.AssociateSpaceManagerStub + fakeReturns := fake.associateSpaceManagerReturns + fake.recordInvocation("AssociateSpaceManager", []interface{}{arg1, arg2, arg3, arg4, arg5}) + fake.associateSpaceManagerMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4, arg5) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateSpaceManagerCallCount() int { + fake.associateSpaceManagerMutex.RLock() + defer fake.associateSpaceManagerMutex.RUnlock() + return len(fake.associateSpaceManagerArgsForCall) +} + +func (fake *FakeManager) AssociateSpaceManagerCalls(stub func(string, string, string, string, string) error) { + fake.associateSpaceManagerMutex.Lock() + defer fake.associateSpaceManagerMutex.Unlock() + fake.AssociateSpaceManagerStub = stub +} + +func (fake *FakeManager) AssociateSpaceManagerArgsForCall(i int) (string, string, string, string, string) { + fake.associateSpaceManagerMutex.RLock() + defer fake.associateSpaceManagerMutex.RUnlock() + argsForCall := fake.associateSpaceManagerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5 +} + +func (fake *FakeManager) AssociateSpaceManagerReturns(result1 error) { + fake.associateSpaceManagerMutex.Lock() + defer fake.associateSpaceManagerMutex.Unlock() + fake.AssociateSpaceManagerStub = nil + fake.associateSpaceManagerReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceManagerReturnsOnCall(i int, result1 error) { + fake.associateSpaceManagerMutex.Lock() + defer fake.associateSpaceManagerMutex.Unlock() + fake.AssociateSpaceManagerStub = nil + if fake.associateSpaceManagerReturnsOnCall == nil { + fake.associateSpaceManagerReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceManagerReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceSupporter(arg1 string, arg2 string, arg3 string, arg4 string, arg5 string) error { + fake.associateSpaceSupporterMutex.Lock() + ret, specificReturn := fake.associateSpaceSupporterReturnsOnCall[len(fake.associateSpaceSupporterArgsForCall)] + fake.associateSpaceSupporterArgsForCall = append(fake.associateSpaceSupporterArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + arg5 string + }{arg1, arg2, arg3, arg4, arg5}) + stub := fake.AssociateSpaceSupporterStub + fakeReturns := fake.associateSpaceSupporterReturns + fake.recordInvocation("AssociateSpaceSupporter", []interface{}{arg1, arg2, arg3, arg4, arg5}) + fake.associateSpaceSupporterMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4, arg5) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) AssociateSpaceSupporterCallCount() int { + fake.associateSpaceSupporterMutex.RLock() + defer fake.associateSpaceSupporterMutex.RUnlock() + return len(fake.associateSpaceSupporterArgsForCall) +} + +func (fake *FakeManager) AssociateSpaceSupporterCalls(stub func(string, string, string, string, string) error) { + fake.associateSpaceSupporterMutex.Lock() + defer fake.associateSpaceSupporterMutex.Unlock() + fake.AssociateSpaceSupporterStub = stub +} + +func (fake *FakeManager) AssociateSpaceSupporterArgsForCall(i int) (string, string, string, string, string) { + fake.associateSpaceSupporterMutex.RLock() + defer fake.associateSpaceSupporterMutex.RUnlock() + argsForCall := fake.associateSpaceSupporterArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4, argsForCall.arg5 +} + +func (fake *FakeManager) AssociateSpaceSupporterReturns(result1 error) { + fake.associateSpaceSupporterMutex.Lock() + defer fake.associateSpaceSupporterMutex.Unlock() + fake.AssociateSpaceSupporterStub = nil + fake.associateSpaceSupporterReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) AssociateSpaceSupporterReturnsOnCall(i int, result1 error) { + fake.associateSpaceSupporterMutex.Lock() + defer fake.associateSpaceSupporterMutex.Unlock() + fake.AssociateSpaceSupporterStub = nil + if fake.associateSpaceSupporterReturnsOnCall == nil { + fake.associateSpaceSupporterReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.associateSpaceSupporterReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) ClearRoles() { + fake.clearRolesMutex.Lock() + fake.clearRolesArgsForCall = append(fake.clearRolesArgsForCall, struct { + }{}) + stub := fake.ClearRolesStub + fake.recordInvocation("ClearRoles", []interface{}{}) + fake.clearRolesMutex.Unlock() + if stub != nil { + fake.ClearRolesStub() + } +} + +func (fake *FakeManager) ClearRolesCallCount() int { + fake.clearRolesMutex.RLock() + defer fake.clearRolesMutex.RUnlock() + return len(fake.clearRolesArgsForCall) +} + +func (fake *FakeManager) ClearRolesCalls(stub func()) { + fake.clearRolesMutex.Lock() + defer fake.clearRolesMutex.Unlock() + fake.ClearRolesStub = stub +} + +func (fake *FakeManager) DeleteUser(arg1 string) error { + fake.deleteUserMutex.Lock() + ret, specificReturn := fake.deleteUserReturnsOnCall[len(fake.deleteUserArgsForCall)] + fake.deleteUserArgsForCall = append(fake.deleteUserArgsForCall, struct { + arg1 string + }{arg1}) + stub := fake.DeleteUserStub + fakeReturns := fake.deleteUserReturns + fake.recordInvocation("DeleteUser", []interface{}{arg1}) + fake.deleteUserMutex.Unlock() + if stub != nil { + return stub(arg1) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) DeleteUserCallCount() int { + fake.deleteUserMutex.RLock() + defer fake.deleteUserMutex.RUnlock() + return len(fake.deleteUserArgsForCall) +} + +func (fake *FakeManager) DeleteUserCalls(stub func(string) error) { + fake.deleteUserMutex.Lock() + defer fake.deleteUserMutex.Unlock() + fake.DeleteUserStub = stub +} + +func (fake *FakeManager) DeleteUserArgsForCall(i int) string { + fake.deleteUserMutex.RLock() + defer fake.deleteUserMutex.RUnlock() + argsForCall := fake.deleteUserArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeManager) DeleteUserReturns(result1 error) { + fake.deleteUserMutex.Lock() + defer fake.deleteUserMutex.Unlock() + fake.DeleteUserStub = nil + fake.deleteUserReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) DeleteUserReturnsOnCall(i int, result1 error) { + fake.deleteUserMutex.Lock() + defer fake.deleteUserMutex.Unlock() + fake.DeleteUserStub = nil + if fake.deleteUserReturnsOnCall == nil { + fake.deleteUserReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.deleteUserReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) ListOrgUsersByRole(arg1 string) (*role.RoleUsers, *role.RoleUsers, *role.RoleUsers, *role.RoleUsers, error) { + fake.listOrgUsersByRoleMutex.Lock() + ret, specificReturn := fake.listOrgUsersByRoleReturnsOnCall[len(fake.listOrgUsersByRoleArgsForCall)] + fake.listOrgUsersByRoleArgsForCall = append(fake.listOrgUsersByRoleArgsForCall, struct { + arg1 string + }{arg1}) + stub := fake.ListOrgUsersByRoleStub + fakeReturns := fake.listOrgUsersByRoleReturns + fake.recordInvocation("ListOrgUsersByRole", []interface{}{arg1}) + fake.listOrgUsersByRoleMutex.Unlock() + if stub != nil { + return stub(arg1) + } + if specificReturn { + return ret.result1, ret.result2, ret.result3, ret.result4, ret.result5 + } + return fakeReturns.result1, fakeReturns.result2, fakeReturns.result3, fakeReturns.result4, fakeReturns.result5 +} + +func (fake *FakeManager) ListOrgUsersByRoleCallCount() int { + fake.listOrgUsersByRoleMutex.RLock() + defer fake.listOrgUsersByRoleMutex.RUnlock() + return len(fake.listOrgUsersByRoleArgsForCall) +} + +func (fake *FakeManager) ListOrgUsersByRoleCalls(stub func(string) (*role.RoleUsers, *role.RoleUsers, *role.RoleUsers, *role.RoleUsers, error)) { + fake.listOrgUsersByRoleMutex.Lock() + defer fake.listOrgUsersByRoleMutex.Unlock() + fake.ListOrgUsersByRoleStub = stub +} + +func (fake *FakeManager) ListOrgUsersByRoleArgsForCall(i int) string { + fake.listOrgUsersByRoleMutex.RLock() + defer fake.listOrgUsersByRoleMutex.RUnlock() + argsForCall := fake.listOrgUsersByRoleArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeManager) ListOrgUsersByRoleReturns(result1 *role.RoleUsers, result2 *role.RoleUsers, result3 *role.RoleUsers, result4 *role.RoleUsers, result5 error) { + fake.listOrgUsersByRoleMutex.Lock() + defer fake.listOrgUsersByRoleMutex.Unlock() + fake.ListOrgUsersByRoleStub = nil + fake.listOrgUsersByRoleReturns = struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + }{result1, result2, result3, result4, result5} +} + +func (fake *FakeManager) ListOrgUsersByRoleReturnsOnCall(i int, result1 *role.RoleUsers, result2 *role.RoleUsers, result3 *role.RoleUsers, result4 *role.RoleUsers, result5 error) { + fake.listOrgUsersByRoleMutex.Lock() + defer fake.listOrgUsersByRoleMutex.Unlock() + fake.ListOrgUsersByRoleStub = nil + if fake.listOrgUsersByRoleReturnsOnCall == nil { + fake.listOrgUsersByRoleReturnsOnCall = make(map[int]struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + }) + } + fake.listOrgUsersByRoleReturnsOnCall[i] = struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + }{result1, result2, result3, result4, result5} +} + +func (fake *FakeManager) ListSpaceUsersByRole(arg1 string) (*role.RoleUsers, *role.RoleUsers, *role.RoleUsers, *role.RoleUsers, error) { + fake.listSpaceUsersByRoleMutex.Lock() + ret, specificReturn := fake.listSpaceUsersByRoleReturnsOnCall[len(fake.listSpaceUsersByRoleArgsForCall)] + fake.listSpaceUsersByRoleArgsForCall = append(fake.listSpaceUsersByRoleArgsForCall, struct { + arg1 string + }{arg1}) + stub := fake.ListSpaceUsersByRoleStub + fakeReturns := fake.listSpaceUsersByRoleReturns + fake.recordInvocation("ListSpaceUsersByRole", []interface{}{arg1}) + fake.listSpaceUsersByRoleMutex.Unlock() + if stub != nil { + return stub(arg1) + } + if specificReturn { + return ret.result1, ret.result2, ret.result3, ret.result4, ret.result5 + } + return fakeReturns.result1, fakeReturns.result2, fakeReturns.result3, fakeReturns.result4, fakeReturns.result5 +} + +func (fake *FakeManager) ListSpaceUsersByRoleCallCount() int { + fake.listSpaceUsersByRoleMutex.RLock() + defer fake.listSpaceUsersByRoleMutex.RUnlock() + return len(fake.listSpaceUsersByRoleArgsForCall) +} + +func (fake *FakeManager) ListSpaceUsersByRoleCalls(stub func(string) (*role.RoleUsers, *role.RoleUsers, *role.RoleUsers, *role.RoleUsers, error)) { + fake.listSpaceUsersByRoleMutex.Lock() + defer fake.listSpaceUsersByRoleMutex.Unlock() + fake.ListSpaceUsersByRoleStub = stub +} + +func (fake *FakeManager) ListSpaceUsersByRoleArgsForCall(i int) string { + fake.listSpaceUsersByRoleMutex.RLock() + defer fake.listSpaceUsersByRoleMutex.RUnlock() + argsForCall := fake.listSpaceUsersByRoleArgsForCall[i] + return argsForCall.arg1 +} + +func (fake *FakeManager) ListSpaceUsersByRoleReturns(result1 *role.RoleUsers, result2 *role.RoleUsers, result3 *role.RoleUsers, result4 *role.RoleUsers, result5 error) { + fake.listSpaceUsersByRoleMutex.Lock() + defer fake.listSpaceUsersByRoleMutex.Unlock() + fake.ListSpaceUsersByRoleStub = nil + fake.listSpaceUsersByRoleReturns = struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + }{result1, result2, result3, result4, result5} +} + +func (fake *FakeManager) ListSpaceUsersByRoleReturnsOnCall(i int, result1 *role.RoleUsers, result2 *role.RoleUsers, result3 *role.RoleUsers, result4 *role.RoleUsers, result5 error) { + fake.listSpaceUsersByRoleMutex.Lock() + defer fake.listSpaceUsersByRoleMutex.Unlock() + fake.ListSpaceUsersByRoleStub = nil + if fake.listSpaceUsersByRoleReturnsOnCall == nil { + fake.listSpaceUsersByRoleReturnsOnCall = make(map[int]struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + }) + } + fake.listSpaceUsersByRoleReturnsOnCall[i] = struct { + result1 *role.RoleUsers + result2 *role.RoleUsers + result3 *role.RoleUsers + result4 *role.RoleUsers + result5 error + }{result1, result2, result3, result4, result5} +} + +func (fake *FakeManager) RemoveOrgAuditor(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeOrgAuditorMutex.Lock() + ret, specificReturn := fake.removeOrgAuditorReturnsOnCall[len(fake.removeOrgAuditorArgsForCall)] + fake.removeOrgAuditorArgsForCall = append(fake.removeOrgAuditorArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveOrgAuditorStub + fakeReturns := fake.removeOrgAuditorReturns + fake.recordInvocation("RemoveOrgAuditor", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeOrgAuditorMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveOrgAuditorCallCount() int { + fake.removeOrgAuditorMutex.RLock() + defer fake.removeOrgAuditorMutex.RUnlock() + return len(fake.removeOrgAuditorArgsForCall) +} + +func (fake *FakeManager) RemoveOrgAuditorCalls(stub func(string, string, string, string) error) { + fake.removeOrgAuditorMutex.Lock() + defer fake.removeOrgAuditorMutex.Unlock() + fake.RemoveOrgAuditorStub = stub +} + +func (fake *FakeManager) RemoveOrgAuditorArgsForCall(i int) (string, string, string, string) { + fake.removeOrgAuditorMutex.RLock() + defer fake.removeOrgAuditorMutex.RUnlock() + argsForCall := fake.removeOrgAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveOrgAuditorReturns(result1 error) { + fake.removeOrgAuditorMutex.Lock() + defer fake.removeOrgAuditorMutex.Unlock() + fake.RemoveOrgAuditorStub = nil + fake.removeOrgAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveOrgAuditorReturnsOnCall(i int, result1 error) { + fake.removeOrgAuditorMutex.Lock() + defer fake.removeOrgAuditorMutex.Unlock() + fake.RemoveOrgAuditorStub = nil + if fake.removeOrgAuditorReturnsOnCall == nil { + fake.removeOrgAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeOrgAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveOrgBillingManager(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeOrgBillingManagerMutex.Lock() + ret, specificReturn := fake.removeOrgBillingManagerReturnsOnCall[len(fake.removeOrgBillingManagerArgsForCall)] + fake.removeOrgBillingManagerArgsForCall = append(fake.removeOrgBillingManagerArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveOrgBillingManagerStub + fakeReturns := fake.removeOrgBillingManagerReturns + fake.recordInvocation("RemoveOrgBillingManager", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeOrgBillingManagerMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveOrgBillingManagerCallCount() int { + fake.removeOrgBillingManagerMutex.RLock() + defer fake.removeOrgBillingManagerMutex.RUnlock() + return len(fake.removeOrgBillingManagerArgsForCall) +} + +func (fake *FakeManager) RemoveOrgBillingManagerCalls(stub func(string, string, string, string) error) { + fake.removeOrgBillingManagerMutex.Lock() + defer fake.removeOrgBillingManagerMutex.Unlock() + fake.RemoveOrgBillingManagerStub = stub +} + +func (fake *FakeManager) RemoveOrgBillingManagerArgsForCall(i int) (string, string, string, string) { + fake.removeOrgBillingManagerMutex.RLock() + defer fake.removeOrgBillingManagerMutex.RUnlock() + argsForCall := fake.removeOrgBillingManagerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveOrgBillingManagerReturns(result1 error) { + fake.removeOrgBillingManagerMutex.Lock() + defer fake.removeOrgBillingManagerMutex.Unlock() + fake.RemoveOrgBillingManagerStub = nil + fake.removeOrgBillingManagerReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveOrgBillingManagerReturnsOnCall(i int, result1 error) { + fake.removeOrgBillingManagerMutex.Lock() + defer fake.removeOrgBillingManagerMutex.Unlock() + fake.RemoveOrgBillingManagerStub = nil + if fake.removeOrgBillingManagerReturnsOnCall == nil { + fake.removeOrgBillingManagerReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeOrgBillingManagerReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveOrgManager(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeOrgManagerMutex.Lock() + ret, specificReturn := fake.removeOrgManagerReturnsOnCall[len(fake.removeOrgManagerArgsForCall)] + fake.removeOrgManagerArgsForCall = append(fake.removeOrgManagerArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveOrgManagerStub + fakeReturns := fake.removeOrgManagerReturns + fake.recordInvocation("RemoveOrgManager", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeOrgManagerMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveOrgManagerCallCount() int { + fake.removeOrgManagerMutex.RLock() + defer fake.removeOrgManagerMutex.RUnlock() + return len(fake.removeOrgManagerArgsForCall) +} + +func (fake *FakeManager) RemoveOrgManagerCalls(stub func(string, string, string, string) error) { + fake.removeOrgManagerMutex.Lock() + defer fake.removeOrgManagerMutex.Unlock() + fake.RemoveOrgManagerStub = stub +} + +func (fake *FakeManager) RemoveOrgManagerArgsForCall(i int) (string, string, string, string) { + fake.removeOrgManagerMutex.RLock() + defer fake.removeOrgManagerMutex.RUnlock() + argsForCall := fake.removeOrgManagerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveOrgManagerReturns(result1 error) { + fake.removeOrgManagerMutex.Lock() + defer fake.removeOrgManagerMutex.Unlock() + fake.RemoveOrgManagerStub = nil + fake.removeOrgManagerReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveOrgManagerReturnsOnCall(i int, result1 error) { + fake.removeOrgManagerMutex.Lock() + defer fake.removeOrgManagerMutex.Unlock() + fake.RemoveOrgManagerStub = nil + if fake.removeOrgManagerReturnsOnCall == nil { + fake.removeOrgManagerReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeOrgManagerReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveOrgUser(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeOrgUserMutex.Lock() + ret, specificReturn := fake.removeOrgUserReturnsOnCall[len(fake.removeOrgUserArgsForCall)] + fake.removeOrgUserArgsForCall = append(fake.removeOrgUserArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveOrgUserStub + fakeReturns := fake.removeOrgUserReturns + fake.recordInvocation("RemoveOrgUser", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeOrgUserMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveOrgUserCallCount() int { + fake.removeOrgUserMutex.RLock() + defer fake.removeOrgUserMutex.RUnlock() + return len(fake.removeOrgUserArgsForCall) +} + +func (fake *FakeManager) RemoveOrgUserCalls(stub func(string, string, string, string) error) { + fake.removeOrgUserMutex.Lock() + defer fake.removeOrgUserMutex.Unlock() + fake.RemoveOrgUserStub = stub +} + +func (fake *FakeManager) RemoveOrgUserArgsForCall(i int) (string, string, string, string) { + fake.removeOrgUserMutex.RLock() + defer fake.removeOrgUserMutex.RUnlock() + argsForCall := fake.removeOrgUserArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveOrgUserReturns(result1 error) { + fake.removeOrgUserMutex.Lock() + defer fake.removeOrgUserMutex.Unlock() + fake.RemoveOrgUserStub = nil + fake.removeOrgUserReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveOrgUserReturnsOnCall(i int, result1 error) { + fake.removeOrgUserMutex.Lock() + defer fake.removeOrgUserMutex.Unlock() + fake.RemoveOrgUserStub = nil + if fake.removeOrgUserReturnsOnCall == nil { + fake.removeOrgUserReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeOrgUserReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceAuditor(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeSpaceAuditorMutex.Lock() + ret, specificReturn := fake.removeSpaceAuditorReturnsOnCall[len(fake.removeSpaceAuditorArgsForCall)] + fake.removeSpaceAuditorArgsForCall = append(fake.removeSpaceAuditorArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveSpaceAuditorStub + fakeReturns := fake.removeSpaceAuditorReturns + fake.recordInvocation("RemoveSpaceAuditor", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeSpaceAuditorMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveSpaceAuditorCallCount() int { + fake.removeSpaceAuditorMutex.RLock() + defer fake.removeSpaceAuditorMutex.RUnlock() + return len(fake.removeSpaceAuditorArgsForCall) +} + +func (fake *FakeManager) RemoveSpaceAuditorCalls(stub func(string, string, string, string) error) { + fake.removeSpaceAuditorMutex.Lock() + defer fake.removeSpaceAuditorMutex.Unlock() + fake.RemoveSpaceAuditorStub = stub +} + +func (fake *FakeManager) RemoveSpaceAuditorArgsForCall(i int) (string, string, string, string) { + fake.removeSpaceAuditorMutex.RLock() + defer fake.removeSpaceAuditorMutex.RUnlock() + argsForCall := fake.removeSpaceAuditorArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveSpaceAuditorReturns(result1 error) { + fake.removeSpaceAuditorMutex.Lock() + defer fake.removeSpaceAuditorMutex.Unlock() + fake.RemoveSpaceAuditorStub = nil + fake.removeSpaceAuditorReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceAuditorReturnsOnCall(i int, result1 error) { + fake.removeSpaceAuditorMutex.Lock() + defer fake.removeSpaceAuditorMutex.Unlock() + fake.RemoveSpaceAuditorStub = nil + if fake.removeSpaceAuditorReturnsOnCall == nil { + fake.removeSpaceAuditorReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeSpaceAuditorReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceDeveloper(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeSpaceDeveloperMutex.Lock() + ret, specificReturn := fake.removeSpaceDeveloperReturnsOnCall[len(fake.removeSpaceDeveloperArgsForCall)] + fake.removeSpaceDeveloperArgsForCall = append(fake.removeSpaceDeveloperArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveSpaceDeveloperStub + fakeReturns := fake.removeSpaceDeveloperReturns + fake.recordInvocation("RemoveSpaceDeveloper", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeSpaceDeveloperMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveSpaceDeveloperCallCount() int { + fake.removeSpaceDeveloperMutex.RLock() + defer fake.removeSpaceDeveloperMutex.RUnlock() + return len(fake.removeSpaceDeveloperArgsForCall) +} + +func (fake *FakeManager) RemoveSpaceDeveloperCalls(stub func(string, string, string, string) error) { + fake.removeSpaceDeveloperMutex.Lock() + defer fake.removeSpaceDeveloperMutex.Unlock() + fake.RemoveSpaceDeveloperStub = stub +} + +func (fake *FakeManager) RemoveSpaceDeveloperArgsForCall(i int) (string, string, string, string) { + fake.removeSpaceDeveloperMutex.RLock() + defer fake.removeSpaceDeveloperMutex.RUnlock() + argsForCall := fake.removeSpaceDeveloperArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveSpaceDeveloperReturns(result1 error) { + fake.removeSpaceDeveloperMutex.Lock() + defer fake.removeSpaceDeveloperMutex.Unlock() + fake.RemoveSpaceDeveloperStub = nil + fake.removeSpaceDeveloperReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceDeveloperReturnsOnCall(i int, result1 error) { + fake.removeSpaceDeveloperMutex.Lock() + defer fake.removeSpaceDeveloperMutex.Unlock() + fake.RemoveSpaceDeveloperStub = nil + if fake.removeSpaceDeveloperReturnsOnCall == nil { + fake.removeSpaceDeveloperReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeSpaceDeveloperReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceManager(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeSpaceManagerMutex.Lock() + ret, specificReturn := fake.removeSpaceManagerReturnsOnCall[len(fake.removeSpaceManagerArgsForCall)] + fake.removeSpaceManagerArgsForCall = append(fake.removeSpaceManagerArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveSpaceManagerStub + fakeReturns := fake.removeSpaceManagerReturns + fake.recordInvocation("RemoveSpaceManager", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeSpaceManagerMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveSpaceManagerCallCount() int { + fake.removeSpaceManagerMutex.RLock() + defer fake.removeSpaceManagerMutex.RUnlock() + return len(fake.removeSpaceManagerArgsForCall) +} + +func (fake *FakeManager) RemoveSpaceManagerCalls(stub func(string, string, string, string) error) { + fake.removeSpaceManagerMutex.Lock() + defer fake.removeSpaceManagerMutex.Unlock() + fake.RemoveSpaceManagerStub = stub +} + +func (fake *FakeManager) RemoveSpaceManagerArgsForCall(i int) (string, string, string, string) { + fake.removeSpaceManagerMutex.RLock() + defer fake.removeSpaceManagerMutex.RUnlock() + argsForCall := fake.removeSpaceManagerArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveSpaceManagerReturns(result1 error) { + fake.removeSpaceManagerMutex.Lock() + defer fake.removeSpaceManagerMutex.Unlock() + fake.RemoveSpaceManagerStub = nil + fake.removeSpaceManagerReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceManagerReturnsOnCall(i int, result1 error) { + fake.removeSpaceManagerMutex.Lock() + defer fake.removeSpaceManagerMutex.Unlock() + fake.RemoveSpaceManagerStub = nil + if fake.removeSpaceManagerReturnsOnCall == nil { + fake.removeSpaceManagerReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeSpaceManagerReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceSupporter(arg1 string, arg2 string, arg3 string, arg4 string) error { + fake.removeSpaceSupporterMutex.Lock() + ret, specificReturn := fake.removeSpaceSupporterReturnsOnCall[len(fake.removeSpaceSupporterArgsForCall)] + fake.removeSpaceSupporterArgsForCall = append(fake.removeSpaceSupporterArgsForCall, struct { + arg1 string + arg2 string + arg3 string + arg4 string + }{arg1, arg2, arg3, arg4}) + stub := fake.RemoveSpaceSupporterStub + fakeReturns := fake.removeSpaceSupporterReturns + fake.recordInvocation("RemoveSpaceSupporter", []interface{}{arg1, arg2, arg3, arg4}) + fake.removeSpaceSupporterMutex.Unlock() + if stub != nil { + return stub(arg1, arg2, arg3, arg4) + } + if specificReturn { + return ret.result1 + } + return fakeReturns.result1 +} + +func (fake *FakeManager) RemoveSpaceSupporterCallCount() int { + fake.removeSpaceSupporterMutex.RLock() + defer fake.removeSpaceSupporterMutex.RUnlock() + return len(fake.removeSpaceSupporterArgsForCall) +} + +func (fake *FakeManager) RemoveSpaceSupporterCalls(stub func(string, string, string, string) error) { + fake.removeSpaceSupporterMutex.Lock() + defer fake.removeSpaceSupporterMutex.Unlock() + fake.RemoveSpaceSupporterStub = stub +} + +func (fake *FakeManager) RemoveSpaceSupporterArgsForCall(i int) (string, string, string, string) { + fake.removeSpaceSupporterMutex.RLock() + defer fake.removeSpaceSupporterMutex.RUnlock() + argsForCall := fake.removeSpaceSupporterArgsForCall[i] + return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3, argsForCall.arg4 +} + +func (fake *FakeManager) RemoveSpaceSupporterReturns(result1 error) { + fake.removeSpaceSupporterMutex.Lock() + defer fake.removeSpaceSupporterMutex.Unlock() + fake.RemoveSpaceSupporterStub = nil + fake.removeSpaceSupporterReturns = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) RemoveSpaceSupporterReturnsOnCall(i int, result1 error) { + fake.removeSpaceSupporterMutex.Lock() + defer fake.removeSpaceSupporterMutex.Unlock() + fake.RemoveSpaceSupporterStub = nil + if fake.removeSpaceSupporterReturnsOnCall == nil { + fake.removeSpaceSupporterReturnsOnCall = make(map[int]struct { + result1 error + }) + } + fake.removeSpaceSupporterReturnsOnCall[i] = struct { + result1 error + }{result1} +} + +func (fake *FakeManager) Invocations() map[string][][]interface{} { + fake.invocationsMutex.RLock() + defer fake.invocationsMutex.RUnlock() + fake.associateOrgAuditorMutex.RLock() + defer fake.associateOrgAuditorMutex.RUnlock() + fake.associateOrgBillingManagerMutex.RLock() + defer fake.associateOrgBillingManagerMutex.RUnlock() + fake.associateOrgManagerMutex.RLock() + defer fake.associateOrgManagerMutex.RUnlock() + fake.associateSpaceAuditorMutex.RLock() + defer fake.associateSpaceAuditorMutex.RUnlock() + fake.associateSpaceDeveloperMutex.RLock() + defer fake.associateSpaceDeveloperMutex.RUnlock() + fake.associateSpaceManagerMutex.RLock() + defer fake.associateSpaceManagerMutex.RUnlock() + fake.associateSpaceSupporterMutex.RLock() + defer fake.associateSpaceSupporterMutex.RUnlock() + fake.clearRolesMutex.RLock() + defer fake.clearRolesMutex.RUnlock() + fake.deleteUserMutex.RLock() + defer fake.deleteUserMutex.RUnlock() + fake.listOrgUsersByRoleMutex.RLock() + defer fake.listOrgUsersByRoleMutex.RUnlock() + fake.listSpaceUsersByRoleMutex.RLock() + defer fake.listSpaceUsersByRoleMutex.RUnlock() + fake.removeOrgAuditorMutex.RLock() + defer fake.removeOrgAuditorMutex.RUnlock() + fake.removeOrgBillingManagerMutex.RLock() + defer fake.removeOrgBillingManagerMutex.RUnlock() + fake.removeOrgManagerMutex.RLock() + defer fake.removeOrgManagerMutex.RUnlock() + fake.removeOrgUserMutex.RLock() + defer fake.removeOrgUserMutex.RUnlock() + fake.removeSpaceAuditorMutex.RLock() + defer fake.removeSpaceAuditorMutex.RUnlock() + fake.removeSpaceDeveloperMutex.RLock() + defer fake.removeSpaceDeveloperMutex.RUnlock() + fake.removeSpaceManagerMutex.RLock() + defer fake.removeSpaceManagerMutex.RUnlock() + fake.removeSpaceSupporterMutex.RLock() + defer fake.removeSpaceSupporterMutex.RUnlock() + copiedInvocations := map[string][][]interface{}{} + for key, value := range fake.invocations { + copiedInvocations[key] = value + } + return copiedInvocations +} + +func (fake *FakeManager) recordInvocation(key string, args []interface{}) { + fake.invocationsMutex.Lock() + defer fake.invocationsMutex.Unlock() + if fake.invocations == nil { + fake.invocations = map[string][][]interface{}{} + } + if fake.invocations[key] == nil { + fake.invocations[key] = [][]interface{}{} + } + fake.invocations[key] = append(fake.invocations[key], args) +} + +var _ role.Manager = new(FakeManager) diff --git a/role/manager.go b/role/manager.go new file mode 100644 index 00000000..88c54833 --- /dev/null +++ b/role/manager.go @@ -0,0 +1,372 @@ +package role + +import ( + "context" + "encoding/json" + "fmt" + "os" + "strings" + "time" + + "github.com/cloudfoundry-community/go-cfclient/v3/client" + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + "github.com/vmwarepivotallabs/cf-mgmt/uaa" + "github.com/xchapter7x/lo" +) + +const SPACE_AUDITOR string = "space_auditor" +const SPACE_DEVELOPER string = "space_developer" +const SPACE_MANAGER string = "space_manager" +const SPACE_SUPPORTER string = "space_supporter" + +type DefaultManager struct { + RoleClient CFRoleClient + UserClient CFUserClient + JobClient CFJobClient + OrgRoles map[string]map[string]*RoleUsers + SpaceRoles map[string]map[string]*RoleUsers + CFUsers map[string]*resource.User + UAAUsers *uaa.Users + UAAMgr uaa.Manager + Peek bool + OrgRolesUsers map[string]map[string]map[string]string + SpaceRolesUsers map[string]map[string]map[string]string +} + +func New(roleClient CFRoleClient, userClient CFUserClient, jobClient CFJobClient, uaaMgr uaa.Manager, peek bool) Manager { + return &DefaultManager{ + RoleClient: roleClient, + UserClient: userClient, + JobClient: jobClient, + UAAMgr: uaaMgr, + Peek: peek, + } +} + +func (m *DefaultManager) ClearRoles() { + m.OrgRoles = nil + m.SpaceRoles = nil + m.OrgRolesUsers = nil + m.SpaceRolesUsers = nil +} + +func (m *DefaultManager) ListOrgRoles() ([]*resource.Role, error) { + roles, err := m.RoleClient.ListAll(context.Background(), &client.RoleListOptions{ + Types: client.Filter{ + Values: []string{resource.OrganizationRoleAuditor.String(), + resource.OrganizationRoleBillingManager.String(), + resource.OrganizationRoleManager.String(), + resource.OrganizationRoleUser.String()}, + }, + ListOptions: &client.ListOptions{ + PerPage: 5000, + }, + }) + if err != nil { + return nil, err + } + lo.G.Debugf("Found %d roles from %s API", len(roles), "organization") + err = m.checkResultsAllReturned("organization", roles) + if err != nil { + return nil, err + } + m.dumpV3Roles("organization", roles) + return roles, err +} + +func (m *DefaultManager) ListSpaceRoles() ([]*resource.Role, error) { + roles, err := m.RoleClient.ListAll(context.Background(), &client.RoleListOptions{ + Types: client.Filter{ + Values: []string{SPACE_AUDITOR, SPACE_DEVELOPER, SPACE_MANAGER, SPACE_SUPPORTER}, + }, + ListOptions: &client.ListOptions{ + PerPage: 5000, + }, + }) + if err != nil { + return nil, err + } + lo.G.Debugf("Found %d roles from %s API", len(roles), "space") + err = m.checkResultsAllReturned("space", roles) + if err != nil { + return nil, err + } + m.dumpV3Roles("space", roles) + return roles, err +} + +func (m *DefaultManager) InitializeSpaceUserRolesMap() error { + spaceV3UsersRolesMap := make(map[string]map[string][]*resource.User) + roles, err := m.ListSpaceRoles() + if err != nil { + return err + } + for _, role := range roles { + spaceGUID := role.Relationships.Space.Data.GUID + user, err := m.getUserForGUID(role.Relationships.User.Data.GUID) + if err != nil { + return err + } + spaceRoleMap, ok := spaceV3UsersRolesMap[spaceGUID] + if !ok { + spaceRoleMap = make(map[string][]*resource.User) + spaceV3UsersRolesMap[spaceGUID] = spaceRoleMap + } + spaceRoleMap[role.Type] = append(spaceRoleMap[role.Type], user) + } + spaceUsersRoleMap := make(map[string]map[string]*RoleUsers) + for key, val := range spaceV3UsersRolesMap { + for role, users := range val { + uaaUsers, err := m.GetUAAUsers() + if err != nil { + return err + } + roleUsers, err := NewRoleUsers(users, uaaUsers) + if err != nil { + return err + } + roleMap, ok := spaceUsersRoleMap[key] + if !ok { + roleMap = make(map[string]*RoleUsers) + spaceUsersRoleMap[key] = roleMap + } + roleMap[role] = roleUsers + } + } + m.dumpRolesUsers("spaces", spaceUsersRoleMap) + m.SpaceRoles = spaceUsersRoleMap + m.SpaceRolesUsers = m.buildUserMap( + func(role *resource.Role) string { + return role.Relationships.Space.Data.GUID + }, roles) + return nil +} + +func (m *DefaultManager) InitializeOrgUserRolesMap() error { + orgV3UsersRolesMap := make(map[string]map[string][]*resource.User) + roles, err := m.ListOrgRoles() + if err != nil { + return err + } + lo.G.Debugf("Found %d roles from %s API", len(roles), "organization") + err = m.checkResultsAllReturned("organization", roles) + if err != nil { + return err + } + m.dumpV3Roles("organization", roles) + for _, role := range roles { + orgGUID := role.Relationships.Org.Data.GUID + user, err := m.getUserForGUID(role.Relationships.User.Data.GUID) + if err != nil { + return err + } + orgRoleMap, ok := orgV3UsersRolesMap[orgGUID] + if !ok { + orgRoleMap = make(map[string][]*resource.User) + orgV3UsersRolesMap[orgGUID] = orgRoleMap + } + orgRoleMap[role.Type] = append(orgRoleMap[role.Type], user) + } + orgUsersRoleMap := make(map[string]map[string]*RoleUsers) + for key, val := range orgV3UsersRolesMap { + for role, users := range val { + uaaUsers, err := m.GetUAAUsers() + if err != nil { + return err + } + roleUsers, err := NewRoleUsers(users, uaaUsers) + if err != nil { + return err + } + roleMap, ok := orgUsersRoleMap[key] + if !ok { + roleMap = make(map[string]*RoleUsers) + orgUsersRoleMap[key] = roleMap + } + roleMap[role] = roleUsers + } + } + m.dumpRolesUsers("organizations", orgUsersRoleMap) + m.OrgRoles = orgUsersRoleMap + m.OrgRolesUsers = m.buildUserMap( + func(role *resource.Role) string { + return role.Relationships.Org.Data.GUID + }, roles) + return nil +} + +func (m DefaultManager) buildUserMap(keyFunction func(role *resource.Role) string, roles []*resource.Role) map[string]map[string]map[string]string { + result := make(map[string]map[string]map[string]string) + for _, role := range roles { + guid := keyFunction(role) + roleMap, ok := result[guid] + if !ok { + roleMap = make(map[string]map[string]string) + result[guid] = roleMap + } + userMap, ok := roleMap[role.Type] + if !ok { + userMap = make(map[string]string) + roleMap[role.Type] = userMap + } + userMap[role.Relationships.User.Data.GUID] = role.GUID + } + return result +} + +func (m *DefaultManager) dumpRolesUsers(entityType string, entityRoles map[string]map[string]*RoleUsers) { + level, logging := os.LookupEnv("LOG_LEVEL") + if logging && strings.EqualFold(level, "DEBUG") { + for guid, roles := range entityRoles { + for roleType, role := range roles { + for _, user := range role.Users() { + lo.G.Debugf("User [%s] with GUID[%s] and origin %s in role %s for entity type [%s/%s]", user.UserName, user.GUID, user.Origin, roleType, entityType, guid) + } + } + } + } +} + +func (m *DefaultManager) dumpV3Roles(entityType string, roles []*resource.Role) { + level, logging := os.LookupEnv("LOG_LEVEL") + if logging && strings.EqualFold(level, "DEBUG") { + for _, role := range roles { + lo.G.Debugf("For entity [%s/%s] and role [%s] user guid [%s]", entityType, role.GUID, role.Type, role.Relationships.User.Data.GUID) + } + } +} + +func (m *DefaultManager) checkResultsAllReturned(entityType string, roles []*resource.Role) error { + tracker := make(map[string]*resource.Role) + for _, role := range roles { + if priorRole, ok := tracker[role.GUID]; !ok { + tracker[role.GUID] = role + } else { + return fmt.Errorf("role for type %s with GUID[%s] is returned multiple times, prior role [%s] and current role [%s]", entityType, role.GUID, asJson(priorRole), asJson(role)) + } + } + return nil +} + +func asJson(role *resource.Role) string { + bytes, _ := json.Marshal(role) + return string(bytes) +} + +func (m *DefaultManager) GetCFUsers() (map[string]*resource.User, error) { + if m.CFUsers == nil { + cfUserMap := make(map[string]*resource.User) + cfUsers, err := m.UserClient.ListAll(context.Background(), &client.UserListOptions{}) + if err != nil { + return nil, err + } + lo.G.Debug("Begin CFUsers") + for _, cfUser := range cfUsers { + cfUserMap[cfUser.GUID] = cfUser + lo.G.Debugf("CFUser with username [%s] and guid [%s]", cfUser.Username, cfUser.GUID) + } + lo.G.Debug("End CFUsers") + m.CFUsers = cfUserMap + } + return m.CFUsers, nil +} + +func (m *DefaultManager) GetUAAUsers() (*uaa.Users, error) { + if m.UAAUsers == nil { + uaaUsers, err := m.UAAMgr.ListUsers() + if err != nil { + return nil, err + } + m.UAAUsers = uaaUsers + } + return m.UAAUsers, nil +} + +func (m *DefaultManager) UpdateOrgRoleUsers(orgGUID string, roleUser *RoleUsers) { + orgRoles, ok := m.OrgRoles[orgGUID] + if !ok { + orgRoles = make(map[string]*RoleUsers) + } + orgRoles[resource.OrganizationRoleUser.String()] = roleUser + m.OrgRoles[orgGUID] = orgRoles +} + +func (m *DefaultManager) ListOrgUsersByRole(orgGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) { + if m.Peek && strings.Contains(orgGUID, "dry-run-org-guid") { + return InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), nil + } + if m.OrgRoles == nil { + err := m.InitializeOrgUserRolesMap() + if err != nil { + return nil, nil, nil, nil, err + } + } + return m.getOrgRole(orgGUID, resource.OrganizationRoleUser.String()), m.getOrgRole(orgGUID, resource.OrganizationRoleManager.String()), m.getOrgRole(orgGUID, resource.OrganizationRoleBillingManager.String()), m.getOrgRole(orgGUID, resource.OrganizationRoleAuditor.String()), nil +} + +func (m *DefaultManager) ListSpaceUsersByRole(spaceGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) { + + if m.Peek && strings.Contains(spaceGUID, "dry-run-space-guid") { + return InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), nil + } + if m.SpaceRoles == nil { + err := m.InitializeSpaceUserRolesMap() + if err != nil { + return nil, nil, nil, nil, err + } + } + return m.getSpaceRole(spaceGUID, SPACE_MANAGER), m.getSpaceRole(spaceGUID, SPACE_DEVELOPER), m.getSpaceRole(spaceGUID, SPACE_AUDITOR), m.getSpaceRole(spaceGUID, SPACE_SUPPORTER), nil +} + +func (m *DefaultManager) getOrgRole(orgGUID, role string) *RoleUsers { + orgRoles := m.OrgRoles[orgGUID] + if orgRoles == nil { + return InitRoleUsers() + } + roleUser := orgRoles[role] + if roleUser == nil { + return InitRoleUsers() + } + return roleUser +} + +func (m *DefaultManager) getSpaceRole(spaceGUID, role string) *RoleUsers { + spaceRoles := m.SpaceRoles[spaceGUID] + if spaceRoles == nil { + return InitRoleUsers() + } + roleUser := spaceRoles[role] + if roleUser == nil { + return InitRoleUsers() + } + return roleUser +} + +func (m *DefaultManager) getUserForGUID(guid string) (*resource.User, error) { + cfUsersMap, err := m.GetCFUsers() + if err != nil { + return nil, err + } + if user, ok := cfUsersMap[guid]; ok { + return user, nil + } + return nil, fmt.Errorf("user not found for guid [%s]", guid) +} + +func (m *DefaultManager) DeleteUser(userGuid string) error { + _, err := m.UserClient.Delete(context.Background(), userGuid) + return err +} + +func (m *DefaultManager) deleteRole(roleGUID string) error { + jobGUID, err := m.RoleClient.Delete(context.Background(), roleGUID) + if err != nil { + return err + } + err = m.JobClient.PollComplete(context.Background(), jobGUID, &client.PollingOptions{ + FailedState: "FAILED", + Timeout: time.Second * 30, + CheckInterval: time.Second, + }) + return err +} diff --git a/role/manager_org.go b/role/manager_org.go new file mode 100644 index 00000000..a739b2e2 --- /dev/null +++ b/role/manager_org.go @@ -0,0 +1,141 @@ +package role + +import ( + "context" + "fmt" + + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + "github.com/xchapter7x/lo" +) + +func (m *DefaultManager) AddUserToOrg(orgGUID string, userName, userGUID string) error { + if m.Peek { + return nil + } + orgUsers, _, _, _, err := m.ListOrgUsersByRole(orgGUID) + if err != nil { + return err + } + if !orgUsers.HasUserForGUID(userName, userGUID) { + _, err := m.RoleClient.CreateOrganizationRole(context.Background(), orgGUID, userGUID, resource.OrganizationRoleUser) + if err != nil { + lo.G.Debugf("Error adding user [%s] to org with guid [%s] but should have succeeded missing from org roles %+v, message: [%s]", userName, userGUID, orgUsers, err.Error()) + return err + } + orgUsers.AddUser(RoleUser{UserName: userName, GUID: userGUID}) + m.UpdateOrgRoleUsers(orgGUID, orgUsers) + } + return nil +} + +func (m *DefaultManager) AssociateOrgAuditor(orgGUID, orgName, entityGUID, userName, userGUID string) error { + err := m.AddUserToOrg(orgGUID, userName, userGUID) + if err != nil { + return err + } + if m.Peek { + lo.G.Infof("[dry-run]: Add User %s to role %s for org %s", userName, "auditor", orgName) + return nil + } + + lo.G.Infof("Add User %s to role %s for org %s", userName, "auditor", orgName) + _, err = m.RoleClient.CreateOrganizationRole(context.Background(), orgGUID, userGUID, resource.OrganizationRoleAuditor) + return err +} + +func (m *DefaultManager) AssociateOrgManager(orgGUID, orgName, entityGUID, userName, userGUID string) error { + err := m.AddUserToOrg(orgGUID, userName, userGUID) + if err != nil { + return err + } + if m.Peek { + lo.G.Infof("[dry-run]: Add User %s to role %s for org %s", userName, "manager", orgName) + return nil + } + + lo.G.Infof("Add User %s to role %s for org %s", userName, "manager", orgName) + _, err = m.RoleClient.CreateOrganizationRole(context.Background(), orgGUID, userGUID, resource.OrganizationRoleManager) + return err +} + +func (m *DefaultManager) AssociateOrgBillingManager(orgGUID, orgName, entityGUID, userName, userGUID string) error { + err := m.AddUserToOrg(orgGUID, userName, userGUID) + if err != nil { + return err + } + if m.Peek { + lo.G.Infof("[dry-run]: Add User %s to role %s for org %s", userName, "billing manager", orgName) + return nil + } + + lo.G.Infof("Add User %s to role %s for org %s", userName, "billing manager", orgName) + _, err = m.RoleClient.CreateOrganizationRole(context.Background(), orgGUID, userGUID, resource.OrganizationRoleBillingManager) + return err +} + +func (m *DefaultManager) RemoveOrgAuditor(orgName, orgGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org %s with role %s", userName, orgName, "auditor") + return nil + } + lo.G.Infof("removing user %s from org %s with role %s", userName, orgName, "auditor") + roleGUID, err := m.GetOrgRoleGUID(orgGUID, userGUID, resource.OrganizationRoleAuditor.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} +func (m *DefaultManager) RemoveOrgBillingManager(orgName, orgGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org %s with role %s", userName, orgName, "billing manager") + return nil + } + lo.G.Infof("removing user %s from org %s with role %s", userName, orgName, "billing manager") + roleGUID, err := m.GetOrgRoleGUID(orgGUID, userGUID, resource.OrganizationRoleBillingManager.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} + +func (m *DefaultManager) RemoveOrgManager(orgName, orgGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org %s with role %s", userName, orgName, "manager") + return nil + } + lo.G.Infof("removing user %s from org %s with role %s", userName, orgName, "manager") + roleGUID, err := m.GetOrgRoleGUID(orgGUID, userGUID, resource.OrganizationRoleManager.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} + +func (m *DefaultManager) RemoveOrgUser(orgName, orgGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org %s with role %s", userName, orgName, "user") + return nil + } + lo.G.Infof("removing user %s from org %s with role %s", userName, orgName, "user") + roleGUID, err := m.GetOrgRoleGUID(orgGUID, userGUID, resource.OrganizationRoleUser.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} + +func (m *DefaultManager) GetOrgRoleGUID(orgGUID, userGUID, role string) (string, error) { + orgs, ok := m.OrgRolesUsers[orgGUID] + if !ok { + return "", fmt.Errorf("org with guid[%s] has no roles", orgGUID) + } + roles, ok := orgs[role] + if !ok { + return "", fmt.Errorf("org with guid[%s] has no roles of type [%s]", orgGUID, role) + } + roleGUID, ok := roles[userGUID] + if !ok { + return "", fmt.Errorf("org with guid[%s] has no role of type [%s] with user guid [%s]", orgGUID, role, userGUID) + } + return roleGUID, nil +} diff --git a/role/manager_org_test.go b/role/manager_org_test.go new file mode 100644 index 00000000..b5cc6983 --- /dev/null +++ b/role/manager_org_test.go @@ -0,0 +1,308 @@ +package role_test + +import ( + "errors" + + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + . "github.com/vmwarepivotallabs/cf-mgmt/role" + "github.com/vmwarepivotallabs/cf-mgmt/role/fakes" + "github.com/vmwarepivotallabs/cf-mgmt/uaa" + uaafakes "github.com/vmwarepivotallabs/cf-mgmt/uaa/fakes" +) + +var _ = Describe("given RoleManager", func() { + var ( + roleManager *DefaultManager + roleClient *fakes.FakeCFRoleClient + userClient *fakes.FakeCFUserClient + jobClient *fakes.FakeCFJobClient + uaaFake *uaafakes.FakeManager + ) + BeforeEach(func() { + roleClient = new(fakes.FakeCFRoleClient) + userClient = new(fakes.FakeCFUserClient) + jobClient = new(fakes.FakeCFJobClient) + uaaFake = new(uaafakes.FakeManager) + }) + Context("Role Manager", func() { + BeforeEach(func() { + roleManager = &DefaultManager{ + RoleClient: roleClient, + UserClient: userClient, + JobClient: jobClient, + UAAMgr: uaaFake, + } + }) + + Context("AddUserToOrg", func() { + It("should associate user", func() { + err := roleManager.AddUserToOrg("test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).Should(Equal("test-org-guid")) + Expect(userGUID).Should(Equal("test-user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.AddUserToOrg("test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.CreateOrganizationRoleReturns(nil, errors.New("error")) + err := roleManager.AddUserToOrg("test-org-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).Should(Equal("test-org-guid")) + Expect(userGUID).Should(Equal("test-user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + }) + + Context("AssociateOrgAuditor", func() { + It("Should succeed", func() { + roleClient.CreateOrganizationRoleReturns(nil, nil) + err := roleManager.AssociateOrgAuditor("orgGUID", "org", "", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(2)) + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + + _, orgGUID, userGUID, role = roleClient.CreateOrganizationRoleArgsForCall(1) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleAuditor)) + }) + + It("Should fail", func() { + roleClient.CreateOrganizationRoleReturns(nil, errors.New("error")) + err := roleManager.AssociateOrgAuditor("orgGUID", "org", "", "userName", "user-guid") + Expect(err).To(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + + It("Should peek", func() { + roleManager.Peek = true + roleClient.CreateOrganizationRoleReturns(nil, nil) + err := roleManager.AssociateOrgAuditor("orgGUID", "org", "", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + }) + + Context("AssociateOrgBillingManager", func() { + It("Should succeed", func() { + roleClient.CreateOrganizationRoleReturns(nil, nil) + err := roleManager.AssociateOrgBillingManager("orgGUID", "org", "", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(2)) + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + + _, orgGUID, userGUID, role = roleClient.CreateOrganizationRoleArgsForCall(1) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleBillingManager)) + }) + + It("Should fail", func() { + roleClient.CreateOrganizationRoleReturns(nil, errors.New("error")) + err := roleManager.AssociateOrgBillingManager("orgGUID", "org", "", "userName", "user-guid") + Expect(err).To(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + + It("Should peek", func() { + roleManager.Peek = true + roleClient.CreateOrganizationRoleReturns(nil, nil) + err := roleManager.AssociateOrgBillingManager("orgGUID", "org", "", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + }) + + Context("AssociateOrgManager", func() { + It("Should succeed", func() { + roleClient.CreateOrganizationRoleReturns(nil, nil) + err := roleManager.AssociateOrgManager("orgGUID", "org", "", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(2)) + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + + _, orgGUID, userGUID, role = roleClient.CreateOrganizationRoleArgsForCall(1) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleManager)) + }) + + It("Should fail", func() { + roleClient.CreateOrganizationRoleReturns(nil, errors.New("error")) + err := roleManager.AssociateOrgManager("orgGUID", "org", "", "userName", "user-guid") + Expect(err).To(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + + It("Should peek", func() { + roleManager.Peek = true + roleClient.CreateOrganizationRoleReturns(nil, nil) + err := roleManager.AssociateOrgManager("orgGUID", "org", "", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + }) + Context("Remove", func() { + BeforeEach(func() { + uaaUsers := &uaa.Users{} + uaaFake.ListUsersReturns(uaaUsers, nil) + userClient.ListAllReturns([]*resource.User{ + {GUID: "test-user-guid"}, + }, nil) + roleClient.ListAllReturns([]*resource.Role{ + { + GUID: "role-guid-auditor", + Type: resource.OrganizationRoleAuditor.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + { + GUID: "role-guid-manager", + Type: resource.OrganizationRoleManager.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + { + GUID: "role-guid-org-user", + Type: resource.OrganizationRoleUser.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + { + GUID: "role-guid-org-billing-manager", + Type: resource.OrganizationRoleBillingManager.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + }, nil) + err := roleManager.InitializeOrgUserRolesMap() + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.ListAllCallCount()).To(Equal(1)) + }) + Context("RemoveOrgAuditor", func() { + It("should succeed", func() { + err := roleManager.RemoveOrgAuditor("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-auditor")) + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.RemoveOrgAuditor("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.DeleteReturns("", errors.New("error")) + err := roleManager.RemoveOrgAuditor("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-auditor")) + }) + }) + + Context("RemoveOrgBillingManager", func() { + It("should succeed", func() { + err := roleManager.RemoveOrgBillingManager("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-org-billing-manager")) + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.RemoveOrgBillingManager("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.DeleteReturns("", errors.New("error")) + err := roleManager.RemoveOrgBillingManager("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-org-billing-manager")) + }) + }) + + Context("RemoveOrgManager", func() { + It("should succeed", func() { + roleClient.ListAllReturns([]*resource.Role{}, nil) + err := roleManager.RemoveOrgManager("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-manager")) + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.RemoveOrgManager("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.DeleteReturns("", errors.New("error")) + err := roleManager.RemoveOrgManager("orgName", "test-org-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-manager")) + }) + }) + }) + + }) +}) diff --git a/role/manager_space.go b/role/manager_space.go new file mode 100644 index 00000000..3b30a938 --- /dev/null +++ b/role/manager_space.go @@ -0,0 +1,193 @@ +package role + +import ( + "context" + "fmt" + + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + "github.com/xchapter7x/lo" +) + +func (m *DefaultManager) RemoveSpaceAuditor(spaceName, spaceGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org/space %s with role %s", userName, spaceName, "Auditor") + return nil + } + lo.G.Infof("removing user %s from org/space %s with role %s", userName, spaceName, "Auditor") + roleGUID, err := m.GetSpaceRoleGUID(spaceGUID, userGUID, resource.SpaceRoleAuditor.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} +func (m *DefaultManager) RemoveSpaceDeveloper(spaceName, spaceGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org/space %s with role %s", userName, spaceName, "Developer") + return nil + } + lo.G.Infof("removing user %s from org/space %s with role %s", userName, spaceName, "Developer") + roleGUID, err := m.GetSpaceRoleGUID(spaceGUID, userGUID, resource.SpaceRoleDeveloper.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} +func (m *DefaultManager) RemoveSpaceManager(spaceName, spaceGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org/space %s with role %s", userName, spaceName, "Manager") + return nil + } + lo.G.Infof("removing user %s from org/space %s with role %s", userName, spaceName, "Manager") + roleGUID, err := m.GetSpaceRoleGUID(spaceGUID, userGUID, resource.SpaceRoleManager.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} +func (m *DefaultManager) RemoveSpaceSupporter(spaceName, spaceGUID, userName, userGUID string) error { + if m.Peek { + lo.G.Infof("[dry-run]: removing user %s from org/space %s with role %s", userName, spaceName, "Supporter") + return nil + } + lo.G.Infof("removing user %s from org/space %s with role %s", userName, spaceName, "Supporter") + roleGUID, err := m.GetSpaceRoleGUID(spaceGUID, userGUID, resource.SpaceRoleSupporter.String()) + if err != nil { + return err + } + return m.deleteRole(roleGUID) +} + +func (m *DefaultManager) AssociateSpaceAuditor(orgGUID, spaceName, spaceGUID, userName, userGUID string) error { + err := m.AddUserToOrg(orgGUID, userName, userGUID) + if err != nil { + return err + } + if m.Peek { + lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s", userName, "auditor", spaceName) + return nil + } + + lo.G.Infof("adding %s to role %s for org/space %s", userName, "auditor", spaceName) + _, err = m.RoleClient.CreateSpaceRole(context.Background(), spaceGUID, userGUID, resource.SpaceRoleAuditor) + return err +} +func (m *DefaultManager) AssociateSpaceManager(orgGUID, spaceName, spaceGUID, userName, userGUID string) error { + err := m.AddUserToOrg(orgGUID, userName, userGUID) + if err != nil { + return err + } + if m.Peek { + lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s", userName, "manager", spaceName) + return nil + } + + lo.G.Infof("adding %s to role %s for org/space %s", userName, "manager", spaceName) + _, err = m.RoleClient.CreateSpaceRole(context.Background(), spaceGUID, userGUID, resource.SpaceRoleManager) + return err +} +func (m *DefaultManager) AssociateSpaceDeveloper(orgGUID, spaceName, spaceGUID, userName, userGUID string) error { + err := m.AddUserToOrg(orgGUID, userName, userGUID) + if err != nil { + return err + } + if m.Peek { + lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s", userName, "developer", spaceName) + return nil + } + + lo.G.Infof("adding %s to role %s for org/space %s", userName, "developer", spaceName) + _, err = m.RoleClient.CreateSpaceRole(context.Background(), spaceGUID, userGUID, resource.SpaceRoleDeveloper) + return err +} +func (m *DefaultManager) AssociateSpaceSupporter(orgGUID, spaceName, spaceGUID, userName, userGUID string) error { + err := m.AddUserToOrg(orgGUID, userName, userGUID) + if err != nil { + return err + } + if m.Peek { + lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s", userName, "supporter", spaceName) + return nil + } + + lo.G.Infof("adding %s to role %s for org/space %s", userName, "supporter", spaceName) + _, err = m.RoleClient.CreateSpaceRole(context.Background(), spaceGUID, userGUID, resource.SpaceRoleSupporter) + return err +} + +func (m *DefaultManager) GetSpaceRoleGUID(spaceGUID, userGUID, role string) (string, error) { + spaces, ok := m.SpaceRolesUsers[spaceGUID] + if !ok { + return "", fmt.Errorf("space with guid[%s] has no roles", spaceGUID) + } + roles, ok := spaces[role] + if !ok { + return "", fmt.Errorf("space with guid[%s] has no roles of type [%s]", spaceGUID, role) + } + roleGUID, ok := roles[userGUID] + if !ok { + return "", fmt.Errorf("space with guid[%s] has no role of type [%s] with user guid [%s]", spaceGUID, role, userGUID) + } + return roleGUID, nil +} + +// func (m *DefaultManager) AssociateSpaceAuditor(input UsersInput, userName, userGUID string) error { +// err := m.RoleMgr.AddUserToOrg(input.OrgGUID, userName, userGUID) +// if err != nil { +// return err +// } +// if m.Peek { +// lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "auditor", input.OrgName, input.SpaceName) +// return nil +// } + +// lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "auditor", input.OrgName, input.SpaceName) +// _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_AUDITOR) +// return err +// } +// func (m *DefaultManager) AssociateSpaceDeveloper(input UsersInput, userName, userGUID string) error { +// err := m.RoleMgr.AddUserToOrg(input.OrgGUID, userName, userGUID) +// if err != nil { +// return err +// } +// if m.Peek { +// lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "developer", input.OrgName, input.SpaceName) +// return nil +// } +// lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "developer", input.OrgName, input.SpaceName) +// _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_DEVELOPER) +// return err +// } +// func (m *DefaultManager) AssociateSpaceManager(input UsersInput, userName, userGUID string) error { +// err := m.RoleMgr.AddUserToOrg(input.OrgGUID, userName, userGUID) +// if err != nil { +// return err +// } +// if m.Peek { +// lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "manager", input.OrgName, input.SpaceName) +// return nil +// } + +// lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "manager", input.OrgName, input.SpaceName) +// _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_MANAGER) +// return err +// } + +// func (m *DefaultManager) AssociateSpaceSupporter(input UsersInput, userName, userGUID string) error { + +// if !m.SupportsSpaceSupporter { +// lo.G.Infof("this instance of cloud foundry does not support space_supporter role") +// return nil +// } +// err := m.RoleMgr.AddUserToOrg(input.OrgGUID, userName, userGUID) +// if err != nil { +// return err +// } +// if m.Peek { +// lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "supporter", input.OrgName, input.SpaceName) +// return nil +// } + +// lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "supporter", input.OrgName, input.SpaceName) +// _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_SUPPORTER) +// return err +// } diff --git a/role/manager_space_test.go b/role/manager_space_test.go new file mode 100644 index 00000000..8db0430f --- /dev/null +++ b/role/manager_space_test.go @@ -0,0 +1,367 @@ +package role_test + +import ( + "errors" + + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + . "github.com/vmwarepivotallabs/cf-mgmt/role" + "github.com/vmwarepivotallabs/cf-mgmt/role/fakes" + "github.com/vmwarepivotallabs/cf-mgmt/uaa" + uaafakes "github.com/vmwarepivotallabs/cf-mgmt/uaa/fakes" +) + +var _ = Describe("given RoleManager", func() { + var ( + roleManager *DefaultManager + roleClient *fakes.FakeCFRoleClient + userClient *fakes.FakeCFUserClient + jobClient *fakes.FakeCFJobClient + uaaFake *uaafakes.FakeManager + ) + BeforeEach(func() { + roleClient = new(fakes.FakeCFRoleClient) + userClient = new(fakes.FakeCFUserClient) + jobClient = new(fakes.FakeCFJobClient) + uaaFake = new(uaafakes.FakeManager) + }) + Context("Role Manager", func() { + BeforeEach(func() { + roleManager = &DefaultManager{ + RoleClient: roleClient, + UserClient: userClient, + JobClient: jobClient, + UAAMgr: uaaFake, + } + }) + + Context("Remove", func() { + BeforeEach(func() { + uaaUsers := &uaa.Users{} + uaaFake.ListUsersReturns(uaaUsers, nil) + userClient.ListAllReturns([]*resource.User{ + {GUID: "test-user-guid"}, + }, nil) + roleClient.ListAllReturns([]*resource.Role{ + { + GUID: "role-guid-auditor", + Type: resource.SpaceRoleAuditor.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + Space: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-space-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + { + GUID: "role-guid-manager", + Type: resource.SpaceRoleManager.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + Space: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-space-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + { + GUID: "role-guid-developer", + Type: resource.SpaceRoleDeveloper.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + Space: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-space-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + { + GUID: "role-guid-supporter", + Type: resource.SpaceRoleSupporter.String(), + Relationships: resource.RoleSpaceUserOrganizationRelationships{ + Org: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-org-guid"}}, + Space: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-space-guid"}}, + User: resource.ToOneRelationship{Data: &resource.Relationship{GUID: "test-user-guid"}}, + }, + }, + }, nil) + err := roleManager.InitializeSpaceUserRolesMap() + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.ListAllCallCount()).To(Equal(1)) + }) + Context("RemoveSpaceAuditor", func() { + It("should succeed", func() { + err := roleManager.RemoveSpaceAuditor("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-auditor")) + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.RemoveSpaceAuditor("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.DeleteReturns("", errors.New("error")) + err := roleManager.RemoveSpaceAuditor("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-auditor")) + }) + }) + + Context("RemoveSpaceManager", func() { + It("should succeed", func() { + err := roleManager.RemoveSpaceManager("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-manager")) + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.RemoveSpaceManager("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.DeleteReturns("", errors.New("error")) + err := roleManager.RemoveSpaceManager("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-manager")) + }) + }) + + Context("RemoveSpaceDeveloper", func() { + It("should succeed", func() { + err := roleManager.RemoveSpaceDeveloper("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-developer")) + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.RemoveSpaceDeveloper("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.DeleteReturns("", errors.New("error")) + err := roleManager.RemoveSpaceDeveloper("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-developer")) + }) + }) + + Context("RemoveSpaceSupporter", func() { + It("should succeed", func() { + err := roleManager.RemoveSpaceSupporter("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-supporter")) + }) + + It("should peek", func() { + roleManager.Peek = true + err := roleManager.RemoveSpaceSupporter("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).ShouldNot(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(0)) + }) + + It("should error", func() { + roleClient.DeleteReturns("", errors.New("error")) + err := roleManager.RemoveSpaceSupporter("orgName/spaceName", "test-space-guid", "test", "test-user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.DeleteCallCount()).To(Equal(1)) + _, roleGUID := roleClient.DeleteArgsForCall(0) + Expect(roleGUID).Should(Equal("role-guid-supporter")) + }) + }) + }) + + Context("Add", func() { + Context("SpaceAuditor", func() { + It("Should succeed on AssociateSpaceAuditor", func() { + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceAuditor("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleAuditor)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + It("Should peek", func() { + roleManager.Peek = true + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceAuditor("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(0)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + It("Should fail", func() { + roleClient.CreateSpaceRoleReturns(nil, errors.New("error")) + err := roleManager.AssociateSpaceAuditor("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleAuditor)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + }) + + Context("SpaceManager", func() { + It("Should succeed on AssociateSpaceManager", func() { + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceManager("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleManager)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + It("Should peek", func() { + roleManager.Peek = true + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceAuditor("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(0)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + It("Should fail", func() { + roleClient.CreateSpaceRoleReturns(nil, errors.New("error")) + err := roleManager.AssociateSpaceManager("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleManager)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + }) + + Context("SpaceDeveloper", func() { + It("Should succeed on AssociateSpaceDeveloper", func() { + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceDeveloper("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleDeveloper)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + It("Should peek", func() { + roleManager.Peek = true + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceDeveloper("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(0)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + It("Should fail", func() { + roleClient.CreateSpaceRoleReturns(nil, errors.New("error")) + err := roleManager.AssociateSpaceDeveloper("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleDeveloper)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + }) + + Context("SpaceSupporter", func() { + It("Should succeed on AssociateSpaceSupporter", func() { + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceSupporter("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleSupporter)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + It("Should peek", func() { + roleManager.Peek = true + roleClient.CreateSpaceRoleReturns(nil, nil) + err := roleManager.AssociateSpaceSupporter("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).NotTo(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(0)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(0)) + }) + It("Should fail", func() { + roleClient.CreateSpaceRoleReturns(nil, errors.New("error")) + err := roleManager.AssociateSpaceSupporter("orgGUID", "spaceName", "spaceGUID", "userName", "user-guid") + Expect(err).Should(HaveOccurred()) + Expect(roleClient.CreateSpaceRoleCallCount()).To(Equal(1)) + Expect(roleClient.CreateOrganizationRoleCallCount()).To(Equal(1)) + _, spaceGUID, userGUID, roleType := roleClient.CreateSpaceRoleArgsForCall(0) + Expect(spaceGUID).To(Equal("spaceGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(roleType).Should(Equal(resource.SpaceRoleSupporter)) + + _, orgGUID, userGUID, role := roleClient.CreateOrganizationRoleArgsForCall(0) + Expect(orgGUID).To(Equal("orgGUID")) + Expect(userGUID).To(Equal("user-guid")) + Expect(role).To(Equal(resource.OrganizationRoleUser)) + }) + }) + }) + }) +}) diff --git a/role/manager_test.go b/role/manager_test.go new file mode 100644 index 00000000..dad3a3e5 --- /dev/null +++ b/role/manager_test.go @@ -0,0 +1,63 @@ +package role_test + +import ( + "github.com/cloudfoundry-community/go-cfclient/v3/resource" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + . "github.com/vmwarepivotallabs/cf-mgmt/role" + "github.com/vmwarepivotallabs/cf-mgmt/role/fakes" +) + +var _ = Describe("given RoleManager", func() { + var ( + roleManager *DefaultManager + roleClient *fakes.FakeCFRoleClient + ) + BeforeEach(func() { + roleClient = new(fakes.FakeCFRoleClient) + }) + Context("Role Manager", func() { + BeforeEach(func() { + roleManager = &DefaultManager{ + RoleClient: roleClient, + } + }) + + Context("Space Roles", func() { + It("Should succeed list space roles", func() { + roleClient.ListAllReturns([]*resource.Role{ + {GUID: "role-guid"}, + }, nil) + results, err := roleManager.ListSpaceRoles() + Expect(err).NotTo(HaveOccurred()) + Expect(len(results)).To(Equal(1)) + }) + It("Should fail as duplicate guids returned", func() { + roleClient.ListAllReturns([]*resource.Role{ + { + GUID: "role-guid", + Type: "space-devloper", + }, + { + GUID: "role-guid", + Type: "space-manager", + }, + }, nil) + results, err := roleManager.ListSpaceRoles() + Expect(err).To(HaveOccurred()) + Expect(results).To(BeNil()) + }) + }) + + Context("Org Roles", func() { + It("Should succeed list space roles", func() { + roleClient.ListAllReturns([]*resource.Role{ + {GUID: "role-guid"}, + }, nil) + results, err := roleManager.ListOrgRoles() + Expect(err).NotTo(HaveOccurred()) + Expect(len(results)).To(Equal(1)) + }) + }) + }) +}) diff --git a/user/role_users.go b/role/role_users.go similarity index 52% rename from user/role_users.go rename to role/role_users.go index 507f2219..28a83fcc 100644 --- a/user/role_users.go +++ b/role/role_users.go @@ -1,15 +1,22 @@ -package user +package role import ( "fmt" "strings" - cfclient "github.com/cloudfoundry-community/go-cfclient" + "github.com/cloudfoundry-community/go-cfclient/v3/resource" "github.com/vmwarepivotallabs/cf-mgmt/uaa" "github.com/xchapter7x/lo" ) -func NewRoleUsers(users []cfclient.V3User, uaaUsers *uaa.Users) (*RoleUsers, error) { +func InitRoleUsers() *RoleUsers { + return &RoleUsers{ + users: make(map[string][]RoleUser), + orphanedUsers: make(map[string]string), + } +} + +func NewRoleUsers(users []*resource.User, uaaUsers *uaa.Users) (*RoleUsers, error) { roleUsers := InitRoleUsers() for _, user := range users { uaaUser := uaaUsers.GetByID(user.GUID) @@ -27,7 +34,7 @@ func NewRoleUsers(users []cfclient.V3User, uaaUsers *uaa.Users) (*RoleUsers, err if roleUser.UserName == "" { return nil, fmt.Errorf("username is blank for user with id %s", user.GUID) } - roleUsers.addUser(roleUser) + roleUsers.AddUser(roleUser) } return roleUsers, nil @@ -83,7 +90,7 @@ func (r *RoleUsers) RemoveUserForOrigin(userName, origin string) { func (r *RoleUsers) AddUsers(roleUsers []RoleUser) { for _, user := range roleUsers { - r.addUser(user) + r.AddUser(user) } } @@ -96,7 +103,7 @@ func (r *RoleUsers) addOrphanedUser(userGUID string) { r.orphanedUsers[strings.ToLower(userGUID)] = userGUID } -func (r *RoleUsers) addUser(roleUser RoleUser) { +func (r *RoleUsers) AddUser(roleUser RoleUser) { userList := r.users[strings.ToLower(roleUser.UserName)] userList = append(userList, roleUser) r.users[strings.ToLower(roleUser.UserName)] = userList @@ -111,65 +118,3 @@ func (r *RoleUsers) Users() []RoleUser { } return result } - -func (m *DefaultManager) ListOrgUsersByRole(orgGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) { - if m.Peek && strings.Contains(orgGUID, "dry-run-org-guid") { - return InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), nil - } - if m.OrgRoles == nil { - err := m.initializeOrgUserRolesMap() - if err != nil { - return nil, nil, nil, nil, err - } - } - return m.getOrgRole(orgGUID, ORG_USER), m.getOrgRole(orgGUID, ORG_MANAGER), m.getOrgRole(orgGUID, ORG_BILLING_MANAGER), m.getOrgRole(orgGUID, ORG_AUDITOR), nil -} - -func (m *DefaultManager) ListSpaceUsersByRole(spaceGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) { - - if m.Peek && strings.Contains(spaceGUID, "dry-run-space-guid") { - return InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), InitRoleUsers(), nil - } - if m.SpaceRoles == nil { - err := m.initializeSpaceUserRolesMap() - if err != nil { - return nil, nil, nil, nil, err - } - } - return m.getSpaceRole(spaceGUID, SPACE_MANAGER), m.getSpaceRole(spaceGUID, SPACE_DEVELOPER), m.getSpaceRole(spaceGUID, SPACE_AUDITOR), m.getSpaceRole(spaceGUID, SPACE_SUPPORTER), nil -} - -func (m *DefaultManager) getOrgRole(orgGUID, role string) *RoleUsers { - orgRoles := m.OrgRoles[orgGUID] - if orgRoles == nil { - return InitRoleUsers() - } - roleUser := orgRoles[role] - if roleUser == nil { - return InitRoleUsers() - } - return roleUser -} - -func (m *DefaultManager) getSpaceRole(spaceGUID, role string) *RoleUsers { - spaceRoles := m.SpaceRoles[spaceGUID] - if spaceRoles == nil { - return InitRoleUsers() - } - roleUser := spaceRoles[role] - if roleUser == nil { - return InitRoleUsers() - } - return roleUser -} - -func (m *DefaultManager) getUserForGUID(guid string) (*cfclient.V3User, error) { - cfUsersMap, err := m.GetCFUsers() - if err != nil { - return nil, err - } - if user, ok := cfUsersMap[guid]; ok { - return &user, nil - } - return nil, fmt.Errorf("user not found for guid [%s]", guid) -} diff --git a/role/suite_test.go b/role/suite_test.go new file mode 100644 index 00000000..7c8efe9d --- /dev/null +++ b/role/suite_test.go @@ -0,0 +1,16 @@ +package role_test + +import ( + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + + "testing" +) + +var test *testing.T + +func TestSuite(t *testing.T) { + RegisterFailHandler(Fail) + test = t + RunSpecs(t, "Test Suite") +} diff --git a/role/types.go b/role/types.go new file mode 100644 index 00000000..95b196f8 --- /dev/null +++ b/role/types.go @@ -0,0 +1,59 @@ +package role + +import ( + "context" + + v3cfclient "github.com/cloudfoundry-community/go-cfclient/v3/client" + "github.com/cloudfoundry-community/go-cfclient/v3/resource" +) + +type RoleUsers struct { + users map[string][]RoleUser + orphanedUsers map[string]string +} +type RoleUser struct { + UserName string + GUID string + Origin string +} + +type Manager interface { + ClearRoles() + DeleteUser(userGuid string) error + ListSpaceUsersByRole(spaceGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) + ListOrgUsersByRole(orgGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) + AssociateOrgAuditor(orgGUID, orgName, entityGUID, userName, userGUID string) error + AssociateOrgManager(orgGUID, orgName, entityGUID, userName, userGUID string) error + AssociateOrgBillingManager(orgGUID, orgName, entityGUID, userName, userGUID string) error + + RemoveOrgManager(orgName, orgGUID, userName, userGUID string) error + RemoveOrgBillingManager(orgName, orgGUID, userName, userGUID string) error + RemoveOrgAuditor(orgName, orgGUID, userName, userGUID string) error + RemoveOrgUser(orgName, orgGUID, userName, userGUID string) error + + AssociateSpaceAuditor(orgGUID, spaceName, spaceGUID, userName, userGUID string) error + AssociateSpaceManager(orgGUID, spaceName, spaceGUID, userName, userGUID string) error + AssociateSpaceDeveloper(orgGUID, spaceName, spaceGUID, userName, userGUID string) error + AssociateSpaceSupporter(orgGUID, spaceName, spaceGUID, userName, userGUID string) error + + RemoveSpaceAuditor(spaceName, spaceGUID, userName, userGUID string) error + RemoveSpaceDeveloper(spaceName, spaceGUID, userName, userGUID string) error + RemoveSpaceManager(spaceName, spaceGUID, userName, userGUID string) error + RemoveSpaceSupporter(spaceName, spaceGUID, userName, userGUID string) error +} + +type CFRoleClient interface { + ListAll(ctx context.Context, opts *v3cfclient.RoleListOptions) ([]*resource.Role, error) + CreateOrganizationRole(ctx context.Context, organizationGUID, userGUID string, roleType resource.OrganizationRoleType) (*resource.Role, error) + CreateSpaceRole(ctx context.Context, spaceGUID, userGUID string, roleType resource.SpaceRoleType) (*resource.Role, error) + Delete(ctx context.Context, guid string) (string, error) +} + +type CFUserClient interface { + ListAll(ctx context.Context, opts *v3cfclient.UserListOptions) ([]*resource.User, error) + Delete(ctx context.Context, guid string) (string, error) +} + +type CFJobClient interface { + PollComplete(ctx context.Context, jobGUID string, opts *v3cfclient.PollingOptions) error +} diff --git a/user/cleanup_users.go b/user/cleanup_users.go index 65dded4b..faafc940 100644 --- a/user/cleanup_users.go +++ b/user/cleanup_users.go @@ -2,11 +2,10 @@ package user import ( "fmt" - "net/url" - cfclient "github.com/cloudfoundry-community/go-cfclient" "github.com/pkg/errors" "github.com/vmwarepivotallabs/cf-mgmt/config" + "github.com/vmwarepivotallabs/cf-mgmt/role" "github.com/vmwarepivotallabs/cf-mgmt/uaa" "github.com/vmwarepivotallabs/cf-mgmt/util" "github.com/xchapter7x/lo" @@ -15,7 +14,7 @@ import ( func (m *DefaultManager) removeOrphanedUsers(orphanedUsers []string) error { for _, orphanedUser := range orphanedUsers { lo.G.Infof("Deleting orphaned CF user with guid %s", orphanedUser) - err := m.Client.DeleteUser(orphanedUser) + err := m.RoleMgr.DeleteUser(orphanedUser) if err != nil { return err } @@ -27,7 +26,7 @@ func (m *DefaultManager) removeOrphanedUsers(orphanedUsers []string) error { // CleanupOrgUsers - func (m *DefaultManager) CleanupOrgUsers() []error { errs := []error{} - m.ClearRoles() + m.RoleMgr.ClearRoles() orgConfigs, err := m.Cfg.GetOrgConfigs() if err != nil { return []error{err} @@ -46,7 +45,6 @@ func (m *DefaultManager) CleanupOrgUsers() []error { lo.G.Infof("Not Removing Users from org %s", input.Org) } } - m.LogResults() return errs } @@ -55,7 +53,7 @@ func (m *DefaultManager) cleanupOrgUsers(uaaUsers *uaa.Users, input *config.OrgC if err != nil { return err } - orgUsers, _, _, _, err := m.ListOrgUsersByRole(org.GUID) + orgUsers, _, _, _, err := m.RoleMgr.ListOrgUsersByRole(org.GUID) if err != nil { return errors.Wrap(err, fmt.Sprintf("Error listing org users for org %s", input.Org)) } @@ -87,14 +85,10 @@ func (m *DefaultManager) cleanupOrgUsers(uaaUsers *uaa.Users, input *config.OrgC continue } lo.G.Infof("Removing User %s from org %s", orgUser.UserName, input.Org) - role, err := m.GetOrgRoleGUID(org.GUID, guid, ORG_USER) + err = m.RoleMgr.RemoveOrgUser(org.Name, org.GUID, orgUser.UserName, guid) if err != nil { return err } - err = m.Client.DeleteV3Role(role) - if err != nil { - return errors.Wrap(err, fmt.Sprintf("Error removing user %s from org %s", orgUser.UserName, input.Org)) - } } } } @@ -102,9 +96,9 @@ func (m *DefaultManager) cleanupOrgUsers(uaaUsers *uaa.Users, input *config.OrgC return m.removeOrphanedUsers(usersInRoles.OrphanedUsers()) } -func (m *DefaultManager) unassociatedOrphanedUser(input UsersInput, userGUIDs []string, unassign func(input UsersInput, userName string, userGUID string) error) error { +func (m *DefaultManager) unassociatedOrphanedSpaceUser(input UsersInput, userGUIDs []string, unassign func(entityName string, entityGUID string, userName string, userGUID string) error) error { for _, userGUID := range userGUIDs { - err := unassign(input, "orphaned", userGUID) + err := unassign(input.SpaceName, input.SpaceGUID, "orphaned", userGUID) if err != nil { return err } @@ -112,20 +106,30 @@ func (m *DefaultManager) unassociatedOrphanedUser(input UsersInput, userGUIDs [] return nil } -func (m *DefaultManager) usersInOrgRoles(orgName, orgGUID string) (*RoleUsers, error) { - roleUsers := InitRoleUsers() +func (m *DefaultManager) unassociatedOrphanedOrgUser(input UsersInput, userGUIDs []string, unassign func(entityName string, entityGUID string, userName string, userGUID string) error) error { + for _, userGUID := range userGUIDs { + err := unassign(input.OrgName, input.OrgGUID, "orphaned", userGUID) + if err != nil { + return err + } + } + return nil +} + +func (m *DefaultManager) usersInOrgRoles(orgName, orgGUID string) (*role.RoleUsers, error) { + roleUsers := role.InitRoleUsers() userInput := UsersInput{ OrgGUID: orgGUID, OrgName: orgName, } - _, orgManagers, orgBillingManagers, orgAuditors, err := m.ListOrgUsersByRole(orgGUID) + _, orgManagers, orgBillingManagers, orgAuditors, err := m.RoleMgr.ListOrgUsersByRole(orgGUID) if err != nil { return nil, err } roleUsers.AddUsers(orgAuditors.Users()) roleUsers.AddOrphanedUsers(orgAuditors.OrphanedUsers()) - err = m.unassociatedOrphanedUser(userInput, orgAuditors.OrphanedUsers(), m.RemoveOrgAuditor) + err = m.unassociatedOrphanedOrgUser(userInput, orgAuditors.OrphanedUsers(), m.RoleMgr.RemoveOrgAuditor) if err != nil { return nil, err } @@ -133,7 +137,7 @@ func (m *DefaultManager) usersInOrgRoles(orgName, orgGUID string) (*RoleUsers, e roleUsers.AddUsers(orgManagers.Users()) roleUsers.AddOrphanedUsers(orgManagers.OrphanedUsers()) - err = m.unassociatedOrphanedUser(userInput, orgManagers.OrphanedUsers(), m.RemoveOrgManager) + err = m.unassociatedOrphanedOrgUser(userInput, orgManagers.OrphanedUsers(), m.RoleMgr.RemoveOrgManager) if err != nil { return nil, err } @@ -141,32 +145,31 @@ func (m *DefaultManager) usersInOrgRoles(orgName, orgGUID string) (*RoleUsers, e roleUsers.AddUsers(orgBillingManagers.Users()) roleUsers.AddOrphanedUsers(orgBillingManagers.OrphanedUsers()) - err = m.unassociatedOrphanedUser(userInput, orgBillingManagers.OrphanedUsers(), m.RemoveOrgBillingManager) + err = m.unassociatedOrphanedOrgUser(userInput, orgBillingManagers.OrphanedUsers(), m.RoleMgr.RemoveOrgBillingManager) if err != nil { return nil, err } - - spaces, err := m.listSpaces(orgGUID) + spaces, err := m.SpaceMgr.ListSpaces(orgGUID) if err != nil { return nil, errors.Wrap(err, fmt.Sprintf("Error listing spaces for org %s", orgName)) } for _, space := range spaces { - userInput.SpaceGUID = space.Guid + userInput.SpaceGUID = space.GUID userInput.SpaceName = space.Name - spaceManagers, spaceDevelopers, spaceAuditors, spaceSupporters, err := m.ListSpaceUsersByRole(space.Guid) + spaceManagers, spaceDevelopers, spaceAuditors, spaceSupporters, err := m.RoleMgr.ListSpaceUsersByRole(space.GUID) if err != nil { return nil, err } roleUsers.AddUsers(spaceAuditors.Users()) roleUsers.AddOrphanedUsers(spaceAuditors.OrphanedUsers()) - err = m.unassociatedOrphanedUser(userInput, spaceAuditors.OrphanedUsers(), m.RemoveSpaceAuditor) + err = m.unassociatedOrphanedSpaceUser(userInput, spaceAuditors.OrphanedUsers(), m.RoleMgr.RemoveSpaceAuditor) if err != nil { return nil, err } roleUsers.AddUsers(spaceDevelopers.Users()) roleUsers.AddOrphanedUsers(spaceDevelopers.OrphanedUsers()) - err = m.unassociatedOrphanedUser(userInput, spaceDevelopers.OrphanedUsers(), m.RemoveSpaceDeveloper) + err = m.unassociatedOrphanedSpaceUser(userInput, spaceDevelopers.OrphanedUsers(), m.RoleMgr.RemoveSpaceDeveloper) if err != nil { return nil, err } @@ -174,7 +177,7 @@ func (m *DefaultManager) usersInOrgRoles(orgName, orgGUID string) (*RoleUsers, e roleUsers.AddUsers(spaceManagers.Users()) roleUsers.AddOrphanedUsers(spaceManagers.OrphanedUsers()) - err = m.unassociatedOrphanedUser(userInput, spaceManagers.OrphanedUsers(), m.RemoveSpaceManager) + err = m.unassociatedOrphanedSpaceUser(userInput, spaceManagers.OrphanedUsers(), m.RoleMgr.RemoveSpaceManager) if err != nil { return nil, err } @@ -182,7 +185,7 @@ func (m *DefaultManager) usersInOrgRoles(orgName, orgGUID string) (*RoleUsers, e roleUsers.AddUsers(spaceSupporters.Users()) roleUsers.AddOrphanedUsers(spaceSupporters.OrphanedUsers()) - err = m.unassociatedOrphanedUser(userInput, spaceSupporters.OrphanedUsers(), m.RemoveSpaceSupporter) + err = m.unassociatedOrphanedSpaceUser(userInput, spaceSupporters.OrphanedUsers(), m.RoleMgr.RemoveSpaceSupporter) if err != nil { return nil, err } @@ -190,14 +193,3 @@ func (m *DefaultManager) usersInOrgRoles(orgName, orgGUID string) (*RoleUsers, e return roleUsers, nil } - -func (m *DefaultManager) listSpaces(orgGUID string) ([]cfclient.Space, error) { - spaces, err := m.Client.ListSpacesByQuery(url.Values{ - "q": []string{fmt.Sprintf("%s:%s", "organization_guid", orgGUID)}, - }) - if err != nil { - return nil, err - } - return spaces, err - -} diff --git a/user/fakes/fake_cf_client.go b/user/fakes/fake_cf_client.go deleted file mode 100644 index 1775b3f4..00000000 --- a/user/fakes/fake_cf_client.go +++ /dev/null @@ -1,822 +0,0 @@ -// Code generated by counterfeiter. DO NOT EDIT. -package fakes - -import ( - "net/url" - "sync" - - cfclient "github.com/cloudfoundry-community/go-cfclient" - "github.com/vmwarepivotallabs/cf-mgmt/user" -) - -type FakeCFClient struct { - CreateV3OrganizationRoleStub func(string, string, string) (*cfclient.V3Role, error) - createV3OrganizationRoleMutex sync.RWMutex - createV3OrganizationRoleArgsForCall []struct { - arg1 string - arg2 string - arg3 string - } - createV3OrganizationRoleReturns struct { - result1 *cfclient.V3Role - result2 error - } - createV3OrganizationRoleReturnsOnCall map[int]struct { - result1 *cfclient.V3Role - result2 error - } - CreateV3SpaceRoleStub func(string, string, string) (*cfclient.V3Role, error) - createV3SpaceRoleMutex sync.RWMutex - createV3SpaceRoleArgsForCall []struct { - arg1 string - arg2 string - arg3 string - } - createV3SpaceRoleReturns struct { - result1 *cfclient.V3Role - result2 error - } - createV3SpaceRoleReturnsOnCall map[int]struct { - result1 *cfclient.V3Role - result2 error - } - DeleteUserStub func(string) error - deleteUserMutex sync.RWMutex - deleteUserArgsForCall []struct { - arg1 string - } - deleteUserReturns struct { - result1 error - } - deleteUserReturnsOnCall map[int]struct { - result1 error - } - DeleteV3RoleStub func(string) error - deleteV3RoleMutex sync.RWMutex - deleteV3RoleArgsForCall []struct { - arg1 string - } - deleteV3RoleReturns struct { - result1 error - } - deleteV3RoleReturnsOnCall map[int]struct { - result1 error - } - ListSpacesByQueryStub func(url.Values) ([]cfclient.Space, error) - listSpacesByQueryMutex sync.RWMutex - listSpacesByQueryArgsForCall []struct { - arg1 url.Values - } - listSpacesByQueryReturns struct { - result1 []cfclient.Space - result2 error - } - listSpacesByQueryReturnsOnCall map[int]struct { - result1 []cfclient.Space - result2 error - } - ListV3OrganizationRolesByGUIDAndTypeStub func(string, string) ([]cfclient.V3User, error) - listV3OrganizationRolesByGUIDAndTypeMutex sync.RWMutex - listV3OrganizationRolesByGUIDAndTypeArgsForCall []struct { - arg1 string - arg2 string - } - listV3OrganizationRolesByGUIDAndTypeReturns struct { - result1 []cfclient.V3User - result2 error - } - listV3OrganizationRolesByGUIDAndTypeReturnsOnCall map[int]struct { - result1 []cfclient.V3User - result2 error - } - ListV3RolesByQueryStub func(url.Values) ([]cfclient.V3Role, error) - listV3RolesByQueryMutex sync.RWMutex - listV3RolesByQueryArgsForCall []struct { - arg1 url.Values - } - listV3RolesByQueryReturns struct { - result1 []cfclient.V3Role - result2 error - } - listV3RolesByQueryReturnsOnCall map[int]struct { - result1 []cfclient.V3Role - result2 error - } - ListV3SpaceRolesByGUIDAndTypeStub func(string, string) ([]cfclient.V3User, error) - listV3SpaceRolesByGUIDAndTypeMutex sync.RWMutex - listV3SpaceRolesByGUIDAndTypeArgsForCall []struct { - arg1 string - arg2 string - } - listV3SpaceRolesByGUIDAndTypeReturns struct { - result1 []cfclient.V3User - result2 error - } - listV3SpaceRolesByGUIDAndTypeReturnsOnCall map[int]struct { - result1 []cfclient.V3User - result2 error - } - ListV3UsersByQueryStub func(url.Values) ([]cfclient.V3User, error) - listV3UsersByQueryMutex sync.RWMutex - listV3UsersByQueryArgsForCall []struct { - arg1 url.Values - } - listV3UsersByQueryReturns struct { - result1 []cfclient.V3User - result2 error - } - listV3UsersByQueryReturnsOnCall map[int]struct { - result1 []cfclient.V3User - result2 error - } - SupportsSpaceSupporterRoleStub func() (bool, error) - supportsSpaceSupporterRoleMutex sync.RWMutex - supportsSpaceSupporterRoleArgsForCall []struct { - } - supportsSpaceSupporterRoleReturns struct { - result1 bool - result2 error - } - supportsSpaceSupporterRoleReturnsOnCall map[int]struct { - result1 bool - result2 error - } - invocations map[string][][]interface{} - invocationsMutex sync.RWMutex -} - -func (fake *FakeCFClient) CreateV3OrganizationRole(arg1 string, arg2 string, arg3 string) (*cfclient.V3Role, error) { - fake.createV3OrganizationRoleMutex.Lock() - ret, specificReturn := fake.createV3OrganizationRoleReturnsOnCall[len(fake.createV3OrganizationRoleArgsForCall)] - fake.createV3OrganizationRoleArgsForCall = append(fake.createV3OrganizationRoleArgsForCall, struct { - arg1 string - arg2 string - arg3 string - }{arg1, arg2, arg3}) - stub := fake.CreateV3OrganizationRoleStub - fakeReturns := fake.createV3OrganizationRoleReturns - fake.recordInvocation("CreateV3OrganizationRole", []interface{}{arg1, arg2, arg3}) - fake.createV3OrganizationRoleMutex.Unlock() - if stub != nil { - return stub(arg1, arg2, arg3) - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) CreateV3OrganizationRoleCallCount() int { - fake.createV3OrganizationRoleMutex.RLock() - defer fake.createV3OrganizationRoleMutex.RUnlock() - return len(fake.createV3OrganizationRoleArgsForCall) -} - -func (fake *FakeCFClient) CreateV3OrganizationRoleCalls(stub func(string, string, string) (*cfclient.V3Role, error)) { - fake.createV3OrganizationRoleMutex.Lock() - defer fake.createV3OrganizationRoleMutex.Unlock() - fake.CreateV3OrganizationRoleStub = stub -} - -func (fake *FakeCFClient) CreateV3OrganizationRoleArgsForCall(i int) (string, string, string) { - fake.createV3OrganizationRoleMutex.RLock() - defer fake.createV3OrganizationRoleMutex.RUnlock() - argsForCall := fake.createV3OrganizationRoleArgsForCall[i] - return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 -} - -func (fake *FakeCFClient) CreateV3OrganizationRoleReturns(result1 *cfclient.V3Role, result2 error) { - fake.createV3OrganizationRoleMutex.Lock() - defer fake.createV3OrganizationRoleMutex.Unlock() - fake.CreateV3OrganizationRoleStub = nil - fake.createV3OrganizationRoleReturns = struct { - result1 *cfclient.V3Role - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) CreateV3OrganizationRoleReturnsOnCall(i int, result1 *cfclient.V3Role, result2 error) { - fake.createV3OrganizationRoleMutex.Lock() - defer fake.createV3OrganizationRoleMutex.Unlock() - fake.CreateV3OrganizationRoleStub = nil - if fake.createV3OrganizationRoleReturnsOnCall == nil { - fake.createV3OrganizationRoleReturnsOnCall = make(map[int]struct { - result1 *cfclient.V3Role - result2 error - }) - } - fake.createV3OrganizationRoleReturnsOnCall[i] = struct { - result1 *cfclient.V3Role - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) CreateV3SpaceRole(arg1 string, arg2 string, arg3 string) (*cfclient.V3Role, error) { - fake.createV3SpaceRoleMutex.Lock() - ret, specificReturn := fake.createV3SpaceRoleReturnsOnCall[len(fake.createV3SpaceRoleArgsForCall)] - fake.createV3SpaceRoleArgsForCall = append(fake.createV3SpaceRoleArgsForCall, struct { - arg1 string - arg2 string - arg3 string - }{arg1, arg2, arg3}) - stub := fake.CreateV3SpaceRoleStub - fakeReturns := fake.createV3SpaceRoleReturns - fake.recordInvocation("CreateV3SpaceRole", []interface{}{arg1, arg2, arg3}) - fake.createV3SpaceRoleMutex.Unlock() - if stub != nil { - return stub(arg1, arg2, arg3) - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) CreateV3SpaceRoleCallCount() int { - fake.createV3SpaceRoleMutex.RLock() - defer fake.createV3SpaceRoleMutex.RUnlock() - return len(fake.createV3SpaceRoleArgsForCall) -} - -func (fake *FakeCFClient) CreateV3SpaceRoleCalls(stub func(string, string, string) (*cfclient.V3Role, error)) { - fake.createV3SpaceRoleMutex.Lock() - defer fake.createV3SpaceRoleMutex.Unlock() - fake.CreateV3SpaceRoleStub = stub -} - -func (fake *FakeCFClient) CreateV3SpaceRoleArgsForCall(i int) (string, string, string) { - fake.createV3SpaceRoleMutex.RLock() - defer fake.createV3SpaceRoleMutex.RUnlock() - argsForCall := fake.createV3SpaceRoleArgsForCall[i] - return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 -} - -func (fake *FakeCFClient) CreateV3SpaceRoleReturns(result1 *cfclient.V3Role, result2 error) { - fake.createV3SpaceRoleMutex.Lock() - defer fake.createV3SpaceRoleMutex.Unlock() - fake.CreateV3SpaceRoleStub = nil - fake.createV3SpaceRoleReturns = struct { - result1 *cfclient.V3Role - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) CreateV3SpaceRoleReturnsOnCall(i int, result1 *cfclient.V3Role, result2 error) { - fake.createV3SpaceRoleMutex.Lock() - defer fake.createV3SpaceRoleMutex.Unlock() - fake.CreateV3SpaceRoleStub = nil - if fake.createV3SpaceRoleReturnsOnCall == nil { - fake.createV3SpaceRoleReturnsOnCall = make(map[int]struct { - result1 *cfclient.V3Role - result2 error - }) - } - fake.createV3SpaceRoleReturnsOnCall[i] = struct { - result1 *cfclient.V3Role - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) DeleteUser(arg1 string) error { - fake.deleteUserMutex.Lock() - ret, specificReturn := fake.deleteUserReturnsOnCall[len(fake.deleteUserArgsForCall)] - fake.deleteUserArgsForCall = append(fake.deleteUserArgsForCall, struct { - arg1 string - }{arg1}) - stub := fake.DeleteUserStub - fakeReturns := fake.deleteUserReturns - fake.recordInvocation("DeleteUser", []interface{}{arg1}) - fake.deleteUserMutex.Unlock() - if stub != nil { - return stub(arg1) - } - if specificReturn { - return ret.result1 - } - return fakeReturns.result1 -} - -func (fake *FakeCFClient) DeleteUserCallCount() int { - fake.deleteUserMutex.RLock() - defer fake.deleteUserMutex.RUnlock() - return len(fake.deleteUserArgsForCall) -} - -func (fake *FakeCFClient) DeleteUserCalls(stub func(string) error) { - fake.deleteUserMutex.Lock() - defer fake.deleteUserMutex.Unlock() - fake.DeleteUserStub = stub -} - -func (fake *FakeCFClient) DeleteUserArgsForCall(i int) string { - fake.deleteUserMutex.RLock() - defer fake.deleteUserMutex.RUnlock() - argsForCall := fake.deleteUserArgsForCall[i] - return argsForCall.arg1 -} - -func (fake *FakeCFClient) DeleteUserReturns(result1 error) { - fake.deleteUserMutex.Lock() - defer fake.deleteUserMutex.Unlock() - fake.DeleteUserStub = nil - fake.deleteUserReturns = struct { - result1 error - }{result1} -} - -func (fake *FakeCFClient) DeleteUserReturnsOnCall(i int, result1 error) { - fake.deleteUserMutex.Lock() - defer fake.deleteUserMutex.Unlock() - fake.DeleteUserStub = nil - if fake.deleteUserReturnsOnCall == nil { - fake.deleteUserReturnsOnCall = make(map[int]struct { - result1 error - }) - } - fake.deleteUserReturnsOnCall[i] = struct { - result1 error - }{result1} -} - -func (fake *FakeCFClient) DeleteV3Role(arg1 string) error { - fake.deleteV3RoleMutex.Lock() - ret, specificReturn := fake.deleteV3RoleReturnsOnCall[len(fake.deleteV3RoleArgsForCall)] - fake.deleteV3RoleArgsForCall = append(fake.deleteV3RoleArgsForCall, struct { - arg1 string - }{arg1}) - stub := fake.DeleteV3RoleStub - fakeReturns := fake.deleteV3RoleReturns - fake.recordInvocation("DeleteV3Role", []interface{}{arg1}) - fake.deleteV3RoleMutex.Unlock() - if stub != nil { - return stub(arg1) - } - if specificReturn { - return ret.result1 - } - return fakeReturns.result1 -} - -func (fake *FakeCFClient) DeleteV3RoleCallCount() int { - fake.deleteV3RoleMutex.RLock() - defer fake.deleteV3RoleMutex.RUnlock() - return len(fake.deleteV3RoleArgsForCall) -} - -func (fake *FakeCFClient) DeleteV3RoleCalls(stub func(string) error) { - fake.deleteV3RoleMutex.Lock() - defer fake.deleteV3RoleMutex.Unlock() - fake.DeleteV3RoleStub = stub -} - -func (fake *FakeCFClient) DeleteV3RoleArgsForCall(i int) string { - fake.deleteV3RoleMutex.RLock() - defer fake.deleteV3RoleMutex.RUnlock() - argsForCall := fake.deleteV3RoleArgsForCall[i] - return argsForCall.arg1 -} - -func (fake *FakeCFClient) DeleteV3RoleReturns(result1 error) { - fake.deleteV3RoleMutex.Lock() - defer fake.deleteV3RoleMutex.Unlock() - fake.DeleteV3RoleStub = nil - fake.deleteV3RoleReturns = struct { - result1 error - }{result1} -} - -func (fake *FakeCFClient) DeleteV3RoleReturnsOnCall(i int, result1 error) { - fake.deleteV3RoleMutex.Lock() - defer fake.deleteV3RoleMutex.Unlock() - fake.DeleteV3RoleStub = nil - if fake.deleteV3RoleReturnsOnCall == nil { - fake.deleteV3RoleReturnsOnCall = make(map[int]struct { - result1 error - }) - } - fake.deleteV3RoleReturnsOnCall[i] = struct { - result1 error - }{result1} -} - -func (fake *FakeCFClient) ListSpacesByQuery(arg1 url.Values) ([]cfclient.Space, error) { - fake.listSpacesByQueryMutex.Lock() - ret, specificReturn := fake.listSpacesByQueryReturnsOnCall[len(fake.listSpacesByQueryArgsForCall)] - fake.listSpacesByQueryArgsForCall = append(fake.listSpacesByQueryArgsForCall, struct { - arg1 url.Values - }{arg1}) - stub := fake.ListSpacesByQueryStub - fakeReturns := fake.listSpacesByQueryReturns - fake.recordInvocation("ListSpacesByQuery", []interface{}{arg1}) - fake.listSpacesByQueryMutex.Unlock() - if stub != nil { - return stub(arg1) - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) ListSpacesByQueryCallCount() int { - fake.listSpacesByQueryMutex.RLock() - defer fake.listSpacesByQueryMutex.RUnlock() - return len(fake.listSpacesByQueryArgsForCall) -} - -func (fake *FakeCFClient) ListSpacesByQueryCalls(stub func(url.Values) ([]cfclient.Space, error)) { - fake.listSpacesByQueryMutex.Lock() - defer fake.listSpacesByQueryMutex.Unlock() - fake.ListSpacesByQueryStub = stub -} - -func (fake *FakeCFClient) ListSpacesByQueryArgsForCall(i int) url.Values { - fake.listSpacesByQueryMutex.RLock() - defer fake.listSpacesByQueryMutex.RUnlock() - argsForCall := fake.listSpacesByQueryArgsForCall[i] - return argsForCall.arg1 -} - -func (fake *FakeCFClient) ListSpacesByQueryReturns(result1 []cfclient.Space, result2 error) { - fake.listSpacesByQueryMutex.Lock() - defer fake.listSpacesByQueryMutex.Unlock() - fake.ListSpacesByQueryStub = nil - fake.listSpacesByQueryReturns = struct { - result1 []cfclient.Space - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListSpacesByQueryReturnsOnCall(i int, result1 []cfclient.Space, result2 error) { - fake.listSpacesByQueryMutex.Lock() - defer fake.listSpacesByQueryMutex.Unlock() - fake.ListSpacesByQueryStub = nil - if fake.listSpacesByQueryReturnsOnCall == nil { - fake.listSpacesByQueryReturnsOnCall = make(map[int]struct { - result1 []cfclient.Space - result2 error - }) - } - fake.listSpacesByQueryReturnsOnCall[i] = struct { - result1 []cfclient.Space - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3OrganizationRolesByGUIDAndType(arg1 string, arg2 string) ([]cfclient.V3User, error) { - fake.listV3OrganizationRolesByGUIDAndTypeMutex.Lock() - ret, specificReturn := fake.listV3OrganizationRolesByGUIDAndTypeReturnsOnCall[len(fake.listV3OrganizationRolesByGUIDAndTypeArgsForCall)] - fake.listV3OrganizationRolesByGUIDAndTypeArgsForCall = append(fake.listV3OrganizationRolesByGUIDAndTypeArgsForCall, struct { - arg1 string - arg2 string - }{arg1, arg2}) - stub := fake.ListV3OrganizationRolesByGUIDAndTypeStub - fakeReturns := fake.listV3OrganizationRolesByGUIDAndTypeReturns - fake.recordInvocation("ListV3OrganizationRolesByGUIDAndType", []interface{}{arg1, arg2}) - fake.listV3OrganizationRolesByGUIDAndTypeMutex.Unlock() - if stub != nil { - return stub(arg1, arg2) - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) ListV3OrganizationRolesByGUIDAndTypeCallCount() int { - fake.listV3OrganizationRolesByGUIDAndTypeMutex.RLock() - defer fake.listV3OrganizationRolesByGUIDAndTypeMutex.RUnlock() - return len(fake.listV3OrganizationRolesByGUIDAndTypeArgsForCall) -} - -func (fake *FakeCFClient) ListV3OrganizationRolesByGUIDAndTypeCalls(stub func(string, string) ([]cfclient.V3User, error)) { - fake.listV3OrganizationRolesByGUIDAndTypeMutex.Lock() - defer fake.listV3OrganizationRolesByGUIDAndTypeMutex.Unlock() - fake.ListV3OrganizationRolesByGUIDAndTypeStub = stub -} - -func (fake *FakeCFClient) ListV3OrganizationRolesByGUIDAndTypeArgsForCall(i int) (string, string) { - fake.listV3OrganizationRolesByGUIDAndTypeMutex.RLock() - defer fake.listV3OrganizationRolesByGUIDAndTypeMutex.RUnlock() - argsForCall := fake.listV3OrganizationRolesByGUIDAndTypeArgsForCall[i] - return argsForCall.arg1, argsForCall.arg2 -} - -func (fake *FakeCFClient) ListV3OrganizationRolesByGUIDAndTypeReturns(result1 []cfclient.V3User, result2 error) { - fake.listV3OrganizationRolesByGUIDAndTypeMutex.Lock() - defer fake.listV3OrganizationRolesByGUIDAndTypeMutex.Unlock() - fake.ListV3OrganizationRolesByGUIDAndTypeStub = nil - fake.listV3OrganizationRolesByGUIDAndTypeReturns = struct { - result1 []cfclient.V3User - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3OrganizationRolesByGUIDAndTypeReturnsOnCall(i int, result1 []cfclient.V3User, result2 error) { - fake.listV3OrganizationRolesByGUIDAndTypeMutex.Lock() - defer fake.listV3OrganizationRolesByGUIDAndTypeMutex.Unlock() - fake.ListV3OrganizationRolesByGUIDAndTypeStub = nil - if fake.listV3OrganizationRolesByGUIDAndTypeReturnsOnCall == nil { - fake.listV3OrganizationRolesByGUIDAndTypeReturnsOnCall = make(map[int]struct { - result1 []cfclient.V3User - result2 error - }) - } - fake.listV3OrganizationRolesByGUIDAndTypeReturnsOnCall[i] = struct { - result1 []cfclient.V3User - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3RolesByQuery(arg1 url.Values) ([]cfclient.V3Role, error) { - fake.listV3RolesByQueryMutex.Lock() - ret, specificReturn := fake.listV3RolesByQueryReturnsOnCall[len(fake.listV3RolesByQueryArgsForCall)] - fake.listV3RolesByQueryArgsForCall = append(fake.listV3RolesByQueryArgsForCall, struct { - arg1 url.Values - }{arg1}) - stub := fake.ListV3RolesByQueryStub - fakeReturns := fake.listV3RolesByQueryReturns - fake.recordInvocation("ListV3RolesByQuery", []interface{}{arg1}) - fake.listV3RolesByQueryMutex.Unlock() - if stub != nil { - return stub(arg1) - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) ListV3RolesByQueryCallCount() int { - fake.listV3RolesByQueryMutex.RLock() - defer fake.listV3RolesByQueryMutex.RUnlock() - return len(fake.listV3RolesByQueryArgsForCall) -} - -func (fake *FakeCFClient) ListV3RolesByQueryCalls(stub func(url.Values) ([]cfclient.V3Role, error)) { - fake.listV3RolesByQueryMutex.Lock() - defer fake.listV3RolesByQueryMutex.Unlock() - fake.ListV3RolesByQueryStub = stub -} - -func (fake *FakeCFClient) ListV3RolesByQueryArgsForCall(i int) url.Values { - fake.listV3RolesByQueryMutex.RLock() - defer fake.listV3RolesByQueryMutex.RUnlock() - argsForCall := fake.listV3RolesByQueryArgsForCall[i] - return argsForCall.arg1 -} - -func (fake *FakeCFClient) ListV3RolesByQueryReturns(result1 []cfclient.V3Role, result2 error) { - fake.listV3RolesByQueryMutex.Lock() - defer fake.listV3RolesByQueryMutex.Unlock() - fake.ListV3RolesByQueryStub = nil - fake.listV3RolesByQueryReturns = struct { - result1 []cfclient.V3Role - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3RolesByQueryReturnsOnCall(i int, result1 []cfclient.V3Role, result2 error) { - fake.listV3RolesByQueryMutex.Lock() - defer fake.listV3RolesByQueryMutex.Unlock() - fake.ListV3RolesByQueryStub = nil - if fake.listV3RolesByQueryReturnsOnCall == nil { - fake.listV3RolesByQueryReturnsOnCall = make(map[int]struct { - result1 []cfclient.V3Role - result2 error - }) - } - fake.listV3RolesByQueryReturnsOnCall[i] = struct { - result1 []cfclient.V3Role - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3SpaceRolesByGUIDAndType(arg1 string, arg2 string) ([]cfclient.V3User, error) { - fake.listV3SpaceRolesByGUIDAndTypeMutex.Lock() - ret, specificReturn := fake.listV3SpaceRolesByGUIDAndTypeReturnsOnCall[len(fake.listV3SpaceRolesByGUIDAndTypeArgsForCall)] - fake.listV3SpaceRolesByGUIDAndTypeArgsForCall = append(fake.listV3SpaceRolesByGUIDAndTypeArgsForCall, struct { - arg1 string - arg2 string - }{arg1, arg2}) - stub := fake.ListV3SpaceRolesByGUIDAndTypeStub - fakeReturns := fake.listV3SpaceRolesByGUIDAndTypeReturns - fake.recordInvocation("ListV3SpaceRolesByGUIDAndType", []interface{}{arg1, arg2}) - fake.listV3SpaceRolesByGUIDAndTypeMutex.Unlock() - if stub != nil { - return stub(arg1, arg2) - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) ListV3SpaceRolesByGUIDAndTypeCallCount() int { - fake.listV3SpaceRolesByGUIDAndTypeMutex.RLock() - defer fake.listV3SpaceRolesByGUIDAndTypeMutex.RUnlock() - return len(fake.listV3SpaceRolesByGUIDAndTypeArgsForCall) -} - -func (fake *FakeCFClient) ListV3SpaceRolesByGUIDAndTypeCalls(stub func(string, string) ([]cfclient.V3User, error)) { - fake.listV3SpaceRolesByGUIDAndTypeMutex.Lock() - defer fake.listV3SpaceRolesByGUIDAndTypeMutex.Unlock() - fake.ListV3SpaceRolesByGUIDAndTypeStub = stub -} - -func (fake *FakeCFClient) ListV3SpaceRolesByGUIDAndTypeArgsForCall(i int) (string, string) { - fake.listV3SpaceRolesByGUIDAndTypeMutex.RLock() - defer fake.listV3SpaceRolesByGUIDAndTypeMutex.RUnlock() - argsForCall := fake.listV3SpaceRolesByGUIDAndTypeArgsForCall[i] - return argsForCall.arg1, argsForCall.arg2 -} - -func (fake *FakeCFClient) ListV3SpaceRolesByGUIDAndTypeReturns(result1 []cfclient.V3User, result2 error) { - fake.listV3SpaceRolesByGUIDAndTypeMutex.Lock() - defer fake.listV3SpaceRolesByGUIDAndTypeMutex.Unlock() - fake.ListV3SpaceRolesByGUIDAndTypeStub = nil - fake.listV3SpaceRolesByGUIDAndTypeReturns = struct { - result1 []cfclient.V3User - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3SpaceRolesByGUIDAndTypeReturnsOnCall(i int, result1 []cfclient.V3User, result2 error) { - fake.listV3SpaceRolesByGUIDAndTypeMutex.Lock() - defer fake.listV3SpaceRolesByGUIDAndTypeMutex.Unlock() - fake.ListV3SpaceRolesByGUIDAndTypeStub = nil - if fake.listV3SpaceRolesByGUIDAndTypeReturnsOnCall == nil { - fake.listV3SpaceRolesByGUIDAndTypeReturnsOnCall = make(map[int]struct { - result1 []cfclient.V3User - result2 error - }) - } - fake.listV3SpaceRolesByGUIDAndTypeReturnsOnCall[i] = struct { - result1 []cfclient.V3User - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3UsersByQuery(arg1 url.Values) ([]cfclient.V3User, error) { - fake.listV3UsersByQueryMutex.Lock() - ret, specificReturn := fake.listV3UsersByQueryReturnsOnCall[len(fake.listV3UsersByQueryArgsForCall)] - fake.listV3UsersByQueryArgsForCall = append(fake.listV3UsersByQueryArgsForCall, struct { - arg1 url.Values - }{arg1}) - stub := fake.ListV3UsersByQueryStub - fakeReturns := fake.listV3UsersByQueryReturns - fake.recordInvocation("ListV3UsersByQuery", []interface{}{arg1}) - fake.listV3UsersByQueryMutex.Unlock() - if stub != nil { - return stub(arg1) - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) ListV3UsersByQueryCallCount() int { - fake.listV3UsersByQueryMutex.RLock() - defer fake.listV3UsersByQueryMutex.RUnlock() - return len(fake.listV3UsersByQueryArgsForCall) -} - -func (fake *FakeCFClient) ListV3UsersByQueryCalls(stub func(url.Values) ([]cfclient.V3User, error)) { - fake.listV3UsersByQueryMutex.Lock() - defer fake.listV3UsersByQueryMutex.Unlock() - fake.ListV3UsersByQueryStub = stub -} - -func (fake *FakeCFClient) ListV3UsersByQueryArgsForCall(i int) url.Values { - fake.listV3UsersByQueryMutex.RLock() - defer fake.listV3UsersByQueryMutex.RUnlock() - argsForCall := fake.listV3UsersByQueryArgsForCall[i] - return argsForCall.arg1 -} - -func (fake *FakeCFClient) ListV3UsersByQueryReturns(result1 []cfclient.V3User, result2 error) { - fake.listV3UsersByQueryMutex.Lock() - defer fake.listV3UsersByQueryMutex.Unlock() - fake.ListV3UsersByQueryStub = nil - fake.listV3UsersByQueryReturns = struct { - result1 []cfclient.V3User - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) ListV3UsersByQueryReturnsOnCall(i int, result1 []cfclient.V3User, result2 error) { - fake.listV3UsersByQueryMutex.Lock() - defer fake.listV3UsersByQueryMutex.Unlock() - fake.ListV3UsersByQueryStub = nil - if fake.listV3UsersByQueryReturnsOnCall == nil { - fake.listV3UsersByQueryReturnsOnCall = make(map[int]struct { - result1 []cfclient.V3User - result2 error - }) - } - fake.listV3UsersByQueryReturnsOnCall[i] = struct { - result1 []cfclient.V3User - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) SupportsSpaceSupporterRole() (bool, error) { - fake.supportsSpaceSupporterRoleMutex.Lock() - ret, specificReturn := fake.supportsSpaceSupporterRoleReturnsOnCall[len(fake.supportsSpaceSupporterRoleArgsForCall)] - fake.supportsSpaceSupporterRoleArgsForCall = append(fake.supportsSpaceSupporterRoleArgsForCall, struct { - }{}) - stub := fake.SupportsSpaceSupporterRoleStub - fakeReturns := fake.supportsSpaceSupporterRoleReturns - fake.recordInvocation("SupportsSpaceSupporterRole", []interface{}{}) - fake.supportsSpaceSupporterRoleMutex.Unlock() - if stub != nil { - return stub() - } - if specificReturn { - return ret.result1, ret.result2 - } - return fakeReturns.result1, fakeReturns.result2 -} - -func (fake *FakeCFClient) SupportsSpaceSupporterRoleCallCount() int { - fake.supportsSpaceSupporterRoleMutex.RLock() - defer fake.supportsSpaceSupporterRoleMutex.RUnlock() - return len(fake.supportsSpaceSupporterRoleArgsForCall) -} - -func (fake *FakeCFClient) SupportsSpaceSupporterRoleCalls(stub func() (bool, error)) { - fake.supportsSpaceSupporterRoleMutex.Lock() - defer fake.supportsSpaceSupporterRoleMutex.Unlock() - fake.SupportsSpaceSupporterRoleStub = stub -} - -func (fake *FakeCFClient) SupportsSpaceSupporterRoleReturns(result1 bool, result2 error) { - fake.supportsSpaceSupporterRoleMutex.Lock() - defer fake.supportsSpaceSupporterRoleMutex.Unlock() - fake.SupportsSpaceSupporterRoleStub = nil - fake.supportsSpaceSupporterRoleReturns = struct { - result1 bool - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) SupportsSpaceSupporterRoleReturnsOnCall(i int, result1 bool, result2 error) { - fake.supportsSpaceSupporterRoleMutex.Lock() - defer fake.supportsSpaceSupporterRoleMutex.Unlock() - fake.SupportsSpaceSupporterRoleStub = nil - if fake.supportsSpaceSupporterRoleReturnsOnCall == nil { - fake.supportsSpaceSupporterRoleReturnsOnCall = make(map[int]struct { - result1 bool - result2 error - }) - } - fake.supportsSpaceSupporterRoleReturnsOnCall[i] = struct { - result1 bool - result2 error - }{result1, result2} -} - -func (fake *FakeCFClient) Invocations() map[string][][]interface{} { - fake.invocationsMutex.RLock() - defer fake.invocationsMutex.RUnlock() - fake.createV3OrganizationRoleMutex.RLock() - defer fake.createV3OrganizationRoleMutex.RUnlock() - fake.createV3SpaceRoleMutex.RLock() - defer fake.createV3SpaceRoleMutex.RUnlock() - fake.deleteUserMutex.RLock() - defer fake.deleteUserMutex.RUnlock() - fake.deleteV3RoleMutex.RLock() - defer fake.deleteV3RoleMutex.RUnlock() - fake.listSpacesByQueryMutex.RLock() - defer fake.listSpacesByQueryMutex.RUnlock() - fake.listV3OrganizationRolesByGUIDAndTypeMutex.RLock() - defer fake.listV3OrganizationRolesByGUIDAndTypeMutex.RUnlock() - fake.listV3RolesByQueryMutex.RLock() - defer fake.listV3RolesByQueryMutex.RUnlock() - fake.listV3SpaceRolesByGUIDAndTypeMutex.RLock() - defer fake.listV3SpaceRolesByGUIDAndTypeMutex.RUnlock() - fake.listV3UsersByQueryMutex.RLock() - defer fake.listV3UsersByQueryMutex.RUnlock() - fake.supportsSpaceSupporterRoleMutex.RLock() - defer fake.supportsSpaceSupporterRoleMutex.RUnlock() - copiedInvocations := map[string][][]interface{}{} - for key, value := range fake.invocations { - copiedInvocations[key] = value - } - return copiedInvocations -} - -func (fake *FakeCFClient) recordInvocation(key string, args []interface{}) { - fake.invocationsMutex.Lock() - defer fake.invocationsMutex.Unlock() - if fake.invocations == nil { - fake.invocations = map[string][][]interface{}{} - } - if fake.invocations[key] == nil { - fake.invocations[key] = [][]interface{}{} - } - fake.invocations[key] = append(fake.invocations[key], args) -} - -var _ user.CFClient = new(FakeCFClient) diff --git a/user/fakes/fake_mgr.go b/user/fakes/fake_mgr.go index 99680578..77236a67 100644 --- a/user/fakes/fake_mgr.go +++ b/user/fakes/fake_mgr.go @@ -18,67 +18,6 @@ type FakeManager struct { cleanupOrgUsersReturnsOnCall map[int]struct { result1 []error } - DeinitializeLdapStub func() error - deinitializeLdapMutex sync.RWMutex - deinitializeLdapArgsForCall []struct { - } - deinitializeLdapReturns struct { - result1 error - } - deinitializeLdapReturnsOnCall map[int]struct { - result1 error - } - InitializeLdapStub func(string, string, string) error - initializeLdapMutex sync.RWMutex - initializeLdapArgsForCall []struct { - arg1 string - arg2 string - arg3 string - } - initializeLdapReturns struct { - result1 error - } - initializeLdapReturnsOnCall map[int]struct { - result1 error - } - ListOrgUsersByRoleStub func(string) (*user.RoleUsers, *user.RoleUsers, *user.RoleUsers, *user.RoleUsers, error) - listOrgUsersByRoleMutex sync.RWMutex - listOrgUsersByRoleArgsForCall []struct { - arg1 string - } - listOrgUsersByRoleReturns struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - } - listOrgUsersByRoleReturnsOnCall map[int]struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - } - ListSpaceUsersByRoleStub func(string) (*user.RoleUsers, *user.RoleUsers, *user.RoleUsers, *user.RoleUsers, error) - listSpaceUsersByRoleMutex sync.RWMutex - listSpaceUsersByRoleArgsForCall []struct { - arg1 string - } - listSpaceUsersByRoleReturns struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - } - listSpaceUsersByRoleReturnsOnCall map[int]struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - } UpdateOrgUsersStub func() []error updateOrgUsersMutex sync.RWMutex updateOrgUsersArgsForCall []struct { @@ -156,268 +95,6 @@ func (fake *FakeManager) CleanupOrgUsersReturnsOnCall(i int, result1 []error) { }{result1} } -func (fake *FakeManager) DeinitializeLdap() error { - fake.deinitializeLdapMutex.Lock() - ret, specificReturn := fake.deinitializeLdapReturnsOnCall[len(fake.deinitializeLdapArgsForCall)] - fake.deinitializeLdapArgsForCall = append(fake.deinitializeLdapArgsForCall, struct { - }{}) - stub := fake.DeinitializeLdapStub - fakeReturns := fake.deinitializeLdapReturns - fake.recordInvocation("DeinitializeLdap", []interface{}{}) - fake.deinitializeLdapMutex.Unlock() - if stub != nil { - return stub() - } - if specificReturn { - return ret.result1 - } - return fakeReturns.result1 -} - -func (fake *FakeManager) DeinitializeLdapCallCount() int { - fake.deinitializeLdapMutex.RLock() - defer fake.deinitializeLdapMutex.RUnlock() - return len(fake.deinitializeLdapArgsForCall) -} - -func (fake *FakeManager) DeinitializeLdapCalls(stub func() error) { - fake.deinitializeLdapMutex.Lock() - defer fake.deinitializeLdapMutex.Unlock() - fake.DeinitializeLdapStub = stub -} - -func (fake *FakeManager) DeinitializeLdapReturns(result1 error) { - fake.deinitializeLdapMutex.Lock() - defer fake.deinitializeLdapMutex.Unlock() - fake.DeinitializeLdapStub = nil - fake.deinitializeLdapReturns = struct { - result1 error - }{result1} -} - -func (fake *FakeManager) DeinitializeLdapReturnsOnCall(i int, result1 error) { - fake.deinitializeLdapMutex.Lock() - defer fake.deinitializeLdapMutex.Unlock() - fake.DeinitializeLdapStub = nil - if fake.deinitializeLdapReturnsOnCall == nil { - fake.deinitializeLdapReturnsOnCall = make(map[int]struct { - result1 error - }) - } - fake.deinitializeLdapReturnsOnCall[i] = struct { - result1 error - }{result1} -} - -func (fake *FakeManager) InitializeLdap(arg1 string, arg2 string, arg3 string) error { - fake.initializeLdapMutex.Lock() - ret, specificReturn := fake.initializeLdapReturnsOnCall[len(fake.initializeLdapArgsForCall)] - fake.initializeLdapArgsForCall = append(fake.initializeLdapArgsForCall, struct { - arg1 string - arg2 string - arg3 string - }{arg1, arg2, arg3}) - stub := fake.InitializeLdapStub - fakeReturns := fake.initializeLdapReturns - fake.recordInvocation("InitializeLdap", []interface{}{arg1, arg2, arg3}) - fake.initializeLdapMutex.Unlock() - if stub != nil { - return stub(arg1, arg2, arg3) - } - if specificReturn { - return ret.result1 - } - return fakeReturns.result1 -} - -func (fake *FakeManager) InitializeLdapCallCount() int { - fake.initializeLdapMutex.RLock() - defer fake.initializeLdapMutex.RUnlock() - return len(fake.initializeLdapArgsForCall) -} - -func (fake *FakeManager) InitializeLdapCalls(stub func(string, string, string) error) { - fake.initializeLdapMutex.Lock() - defer fake.initializeLdapMutex.Unlock() - fake.InitializeLdapStub = stub -} - -func (fake *FakeManager) InitializeLdapArgsForCall(i int) (string, string, string) { - fake.initializeLdapMutex.RLock() - defer fake.initializeLdapMutex.RUnlock() - argsForCall := fake.initializeLdapArgsForCall[i] - return argsForCall.arg1, argsForCall.arg2, argsForCall.arg3 -} - -func (fake *FakeManager) InitializeLdapReturns(result1 error) { - fake.initializeLdapMutex.Lock() - defer fake.initializeLdapMutex.Unlock() - fake.InitializeLdapStub = nil - fake.initializeLdapReturns = struct { - result1 error - }{result1} -} - -func (fake *FakeManager) InitializeLdapReturnsOnCall(i int, result1 error) { - fake.initializeLdapMutex.Lock() - defer fake.initializeLdapMutex.Unlock() - fake.InitializeLdapStub = nil - if fake.initializeLdapReturnsOnCall == nil { - fake.initializeLdapReturnsOnCall = make(map[int]struct { - result1 error - }) - } - fake.initializeLdapReturnsOnCall[i] = struct { - result1 error - }{result1} -} - -func (fake *FakeManager) ListOrgUsersByRole(arg1 string) (*user.RoleUsers, *user.RoleUsers, *user.RoleUsers, *user.RoleUsers, error) { - fake.listOrgUsersByRoleMutex.Lock() - ret, specificReturn := fake.listOrgUsersByRoleReturnsOnCall[len(fake.listOrgUsersByRoleArgsForCall)] - fake.listOrgUsersByRoleArgsForCall = append(fake.listOrgUsersByRoleArgsForCall, struct { - arg1 string - }{arg1}) - stub := fake.ListOrgUsersByRoleStub - fakeReturns := fake.listOrgUsersByRoleReturns - fake.recordInvocation("ListOrgUsersByRole", []interface{}{arg1}) - fake.listOrgUsersByRoleMutex.Unlock() - if stub != nil { - return stub(arg1) - } - if specificReturn { - return ret.result1, ret.result2, ret.result3, ret.result4, ret.result5 - } - return fakeReturns.result1, fakeReturns.result2, fakeReturns.result3, fakeReturns.result4, fakeReturns.result5 -} - -func (fake *FakeManager) ListOrgUsersByRoleCallCount() int { - fake.listOrgUsersByRoleMutex.RLock() - defer fake.listOrgUsersByRoleMutex.RUnlock() - return len(fake.listOrgUsersByRoleArgsForCall) -} - -func (fake *FakeManager) ListOrgUsersByRoleCalls(stub func(string) (*user.RoleUsers, *user.RoleUsers, *user.RoleUsers, *user.RoleUsers, error)) { - fake.listOrgUsersByRoleMutex.Lock() - defer fake.listOrgUsersByRoleMutex.Unlock() - fake.ListOrgUsersByRoleStub = stub -} - -func (fake *FakeManager) ListOrgUsersByRoleArgsForCall(i int) string { - fake.listOrgUsersByRoleMutex.RLock() - defer fake.listOrgUsersByRoleMutex.RUnlock() - argsForCall := fake.listOrgUsersByRoleArgsForCall[i] - return argsForCall.arg1 -} - -func (fake *FakeManager) ListOrgUsersByRoleReturns(result1 *user.RoleUsers, result2 *user.RoleUsers, result3 *user.RoleUsers, result4 *user.RoleUsers, result5 error) { - fake.listOrgUsersByRoleMutex.Lock() - defer fake.listOrgUsersByRoleMutex.Unlock() - fake.ListOrgUsersByRoleStub = nil - fake.listOrgUsersByRoleReturns = struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - }{result1, result2, result3, result4, result5} -} - -func (fake *FakeManager) ListOrgUsersByRoleReturnsOnCall(i int, result1 *user.RoleUsers, result2 *user.RoleUsers, result3 *user.RoleUsers, result4 *user.RoleUsers, result5 error) { - fake.listOrgUsersByRoleMutex.Lock() - defer fake.listOrgUsersByRoleMutex.Unlock() - fake.ListOrgUsersByRoleStub = nil - if fake.listOrgUsersByRoleReturnsOnCall == nil { - fake.listOrgUsersByRoleReturnsOnCall = make(map[int]struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - }) - } - fake.listOrgUsersByRoleReturnsOnCall[i] = struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - }{result1, result2, result3, result4, result5} -} - -func (fake *FakeManager) ListSpaceUsersByRole(arg1 string) (*user.RoleUsers, *user.RoleUsers, *user.RoleUsers, *user.RoleUsers, error) { - fake.listSpaceUsersByRoleMutex.Lock() - ret, specificReturn := fake.listSpaceUsersByRoleReturnsOnCall[len(fake.listSpaceUsersByRoleArgsForCall)] - fake.listSpaceUsersByRoleArgsForCall = append(fake.listSpaceUsersByRoleArgsForCall, struct { - arg1 string - }{arg1}) - stub := fake.ListSpaceUsersByRoleStub - fakeReturns := fake.listSpaceUsersByRoleReturns - fake.recordInvocation("ListSpaceUsersByRole", []interface{}{arg1}) - fake.listSpaceUsersByRoleMutex.Unlock() - if stub != nil { - return stub(arg1) - } - if specificReturn { - return ret.result1, ret.result2, ret.result3, ret.result4, ret.result5 - } - return fakeReturns.result1, fakeReturns.result2, fakeReturns.result3, fakeReturns.result4, fakeReturns.result5 -} - -func (fake *FakeManager) ListSpaceUsersByRoleCallCount() int { - fake.listSpaceUsersByRoleMutex.RLock() - defer fake.listSpaceUsersByRoleMutex.RUnlock() - return len(fake.listSpaceUsersByRoleArgsForCall) -} - -func (fake *FakeManager) ListSpaceUsersByRoleCalls(stub func(string) (*user.RoleUsers, *user.RoleUsers, *user.RoleUsers, *user.RoleUsers, error)) { - fake.listSpaceUsersByRoleMutex.Lock() - defer fake.listSpaceUsersByRoleMutex.Unlock() - fake.ListSpaceUsersByRoleStub = stub -} - -func (fake *FakeManager) ListSpaceUsersByRoleArgsForCall(i int) string { - fake.listSpaceUsersByRoleMutex.RLock() - defer fake.listSpaceUsersByRoleMutex.RUnlock() - argsForCall := fake.listSpaceUsersByRoleArgsForCall[i] - return argsForCall.arg1 -} - -func (fake *FakeManager) ListSpaceUsersByRoleReturns(result1 *user.RoleUsers, result2 *user.RoleUsers, result3 *user.RoleUsers, result4 *user.RoleUsers, result5 error) { - fake.listSpaceUsersByRoleMutex.Lock() - defer fake.listSpaceUsersByRoleMutex.Unlock() - fake.ListSpaceUsersByRoleStub = nil - fake.listSpaceUsersByRoleReturns = struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - }{result1, result2, result3, result4, result5} -} - -func (fake *FakeManager) ListSpaceUsersByRoleReturnsOnCall(i int, result1 *user.RoleUsers, result2 *user.RoleUsers, result3 *user.RoleUsers, result4 *user.RoleUsers, result5 error) { - fake.listSpaceUsersByRoleMutex.Lock() - defer fake.listSpaceUsersByRoleMutex.Unlock() - fake.ListSpaceUsersByRoleStub = nil - if fake.listSpaceUsersByRoleReturnsOnCall == nil { - fake.listSpaceUsersByRoleReturnsOnCall = make(map[int]struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - }) - } - fake.listSpaceUsersByRoleReturnsOnCall[i] = struct { - result1 *user.RoleUsers - result2 *user.RoleUsers - result3 *user.RoleUsers - result4 *user.RoleUsers - result5 error - }{result1, result2, result3, result4, result5} -} - func (fake *FakeManager) UpdateOrgUsers() []error { fake.updateOrgUsersMutex.Lock() ret, specificReturn := fake.updateOrgUsersReturnsOnCall[len(fake.updateOrgUsersArgsForCall)] @@ -529,14 +206,6 @@ func (fake *FakeManager) Invocations() map[string][][]interface{} { defer fake.invocationsMutex.RUnlock() fake.cleanupOrgUsersMutex.RLock() defer fake.cleanupOrgUsersMutex.RUnlock() - fake.deinitializeLdapMutex.RLock() - defer fake.deinitializeLdapMutex.RUnlock() - fake.initializeLdapMutex.RLock() - defer fake.initializeLdapMutex.RUnlock() - fake.listOrgUsersByRoleMutex.RLock() - defer fake.listOrgUsersByRoleMutex.RUnlock() - fake.listSpaceUsersByRoleMutex.RLock() - defer fake.listSpaceUsersByRoleMutex.RUnlock() fake.updateOrgUsersMutex.RLock() defer fake.updateOrgUsersMutex.RUnlock() fake.updateSpaceUsersMutex.RLock() diff --git a/user/ldap_users.go b/user/ldap_users.go index f8285f1d..1b1f8c78 100644 --- a/user/ldap_users.go +++ b/user/ldap_users.go @@ -7,11 +7,12 @@ import ( "github.com/pkg/errors" "github.com/vmwarepivotallabs/cf-mgmt/ldap" + "github.com/vmwarepivotallabs/cf-mgmt/role" "github.com/vmwarepivotallabs/cf-mgmt/uaa" "github.com/xchapter7x/lo" ) -func (m *DefaultManager) SyncLdapUsers(roleUsers *RoleUsers, usersInput UsersInput) error { +func (m *DefaultManager) SyncLdapUsers(roleUsers *role.RoleUsers, usersInput UsersInput) error { origin := m.LdapConfig.Origin if m.LdapConfig.Enabled { uaaUsers, err := m.GetUAAUsers() @@ -48,7 +49,7 @@ func (m *DefaultManager) SyncLdapUsers(roleUsers *RoleUsers, usersInput UsersInp return fmt.Errorf("unable to find user %s for origin %s", userID, origin) } m.dumpRoleUsers(fmt.Sprintf("Adding user [%s] with guid[%s] with origin [%s] as doesn't exist in users for %s/%s - Role %s for entity with guid[%s/%s]", userID, user.GUID, origin, usersInput.OrgName, usersInput.SpaceName, usersInput.Role, usersInput.OrgGUID, usersInput.SpaceGUID), roleUsers.Users()) - if err := usersInput.AddUser(usersInput, user.Username, user.GUID); err != nil { + if err := usersInput.AddUser(usersInput.OrgGUID, usersInput.EntityName(), usersInput.EntityGUID(), user.Username, user.GUID); err != nil { return errors.Wrap(err, fmt.Sprintf("User %s with origin %s", user.Username, user.Origin)) } } else { diff --git a/user/ldap_users_test.go b/user/ldap_users_test.go index 7b20a1c3..4285afe1 100644 --- a/user/ldap_users_test.go +++ b/user/ldap_users_test.go @@ -3,13 +3,15 @@ package user_test import ( "errors" - cfclient "github.com/cloudfoundry-community/go-cfclient" + "github.com/cloudfoundry-community/go-cfclient/v3/resource" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/vmwarepivotallabs/cf-mgmt/config" configfakes "github.com/vmwarepivotallabs/cf-mgmt/config/fakes" ldap "github.com/vmwarepivotallabs/cf-mgmt/ldap" orgfakes "github.com/vmwarepivotallabs/cf-mgmt/organizationreader/fakes" + "github.com/vmwarepivotallabs/cf-mgmt/role" + rolefakes "github.com/vmwarepivotallabs/cf-mgmt/role/fakes" spacefakes "github.com/vmwarepivotallabs/cf-mgmt/space/fakes" "github.com/vmwarepivotallabs/cf-mgmt/uaa" uaafakes "github.com/vmwarepivotallabs/cf-mgmt/uaa/fakes" @@ -20,36 +22,37 @@ import ( var _ = Describe("given UserSpaces", func() { var ( userManager *DefaultManager - client *fakes.FakeCFClient ldapFake *fakes.FakeLdapManager uaaFake *uaafakes.FakeManager fakeReader *configfakes.FakeReader spaceFake *spacefakes.FakeManager orgFake *orgfakes.FakeReader + roleMgrFake *rolefakes.FakeManager ) BeforeEach(func() { - client = new(fakes.FakeCFClient) ldapFake = new(fakes.FakeLdapManager) uaaFake = new(uaafakes.FakeManager) fakeReader = new(configfakes.FakeReader) spaceFake = new(spacefakes.FakeManager) orgFake = new(orgfakes.FakeReader) + roleMgrFake = new(rolefakes.FakeManager) }) Context("User Manager()", func() { BeforeEach(func() { userManager = &DefaultManager{ - Client: client, Cfg: fakeReader, UAAMgr: uaaFake, LdapMgr: ldapFake, SpaceMgr: spaceFake, OrgReader: orgFake, Peek: false, + RoleMgr: roleMgrFake, LdapConfig: &config.LdapConfig{Origin: "ldap"}, } + roleMgrFake.ListOrgUsersByRoleReturns(role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), nil) }) Context("SyncLdapUsers", func() { - var roleUsers *RoleUsers + var roleUsers *role.RoleUsers BeforeEach(func() { userManager.LdapConfig = &config.LdapConfig{ @@ -59,7 +62,7 @@ var _ = Describe("given UserSpaces", func() { uaaUsers := &uaa.Users{} uaaUsers.Add(uaa.User{Username: "test_ldap", Origin: "ldap", ExternalID: "cn=test_ldap", GUID: "test_ldap-id"}) uaaUsers.Add(uaa.User{Username: "test_ldap2", Origin: "ldap", ExternalID: "cn=test_ldap2", GUID: "test_ldap2-id"}) - roleUsers, _ = NewRoleUsers([]cfclient.V3User{ + roleUsers, _ = role.NewRoleUsers([]*resource.User{ {Username: "test_ldap", GUID: "test_ldap-id"}, }, uaaUsers) userManager.UAAUsers = uaaUsers @@ -70,8 +73,10 @@ var _ = Describe("given UserSpaces", func() { LdapGroupNames: []string{}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + SpaceName: "spaceName", + OrgName: "orgName", + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserByIDReturns( @@ -84,17 +89,14 @@ var _ = Describe("given UserSpaces", func() { err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(1)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) + orgGUID, spaceName, spaceGUID, userName, userGUID := roleMgrFake.AssociateSpaceAuditorArgsForCall(0) Expect(orgGUID).Should(Equal("org_guid")) Expect(userGUID).Should(Equal("test_ldap2-id")) - Expect(role).To(Equal(ORG_USER)) - - spaceGUID, userGUID, roleType := client.CreateV3SpaceRoleArgsForCall(0) Expect(spaceGUID).Should(Equal("space_guid")) - Expect(userGUID).Should(Equal("test_ldap2-id")) - Expect(roleType).Should(Equal(SPACE_AUDITOR)) + Expect(spaceName).Should(Equal("orgName/spaceName")) + Expect(userName).Should(Equal("test_ldap2")) + }) It("Should add ldap user to role", func() { @@ -106,7 +108,7 @@ var _ = Describe("given UserSpaces", func() { uaaUsers := &uaa.Users{} uaaUsers.Add(uaa.User{Username: "test_ldap", Origin: "ldap", ExternalID: "cn=test_ldap", GUID: "test_ldap-id"}) uaaUsers.Add(uaa.User{Username: "test_ldap2", Origin: "ldap", ExternalID: "cn=test_ldap2", GUID: "test_ldap2-id"}) - roleUsers, _ = NewRoleUsers([]cfclient.V3User{ + roleUsers, _ = role.NewRoleUsers([]*resource.User{ {Username: "test_ldap", GUID: "test_ldap-id"}, }, uaaUsers) @@ -116,8 +118,10 @@ var _ = Describe("given UserSpaces", func() { LdapGroupNames: []string{}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + SpaceName: "spaceName", + OrgName: "orgName", + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserByIDReturns( @@ -130,17 +134,13 @@ var _ = Describe("given UserSpaces", func() { err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(1)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) + orgGUID, spaceName, spaceGUID, userName, userGUID := roleMgrFake.AssociateSpaceAuditorArgsForCall(0) Expect(orgGUID).Should(Equal("org_guid")) Expect(userGUID).Should(Equal("test_ldap2-id")) - Expect(role).To(Equal(ORG_USER)) - - spaceGUID, userGUID, roleType := client.CreateV3SpaceRoleArgsForCall(0) Expect(spaceGUID).Should(Equal("space_guid")) - Expect(userGUID).Should(Equal("test_ldap2-id")) - Expect(roleType).Should(Equal(SPACE_AUDITOR)) + Expect(spaceName).Should(Equal("orgName/spaceName")) + Expect(userName).Should(Equal("test_ldap2")) }) It("Should add ldap group member to role", func() { @@ -149,8 +149,10 @@ var _ = Describe("given UserSpaces", func() { LdapGroupNames: []string{"test_group"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + SpaceName: "spaceName", + OrgName: "orgName", + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserDNsReturns([]string{"cn=ldap_test_dn"}, nil) @@ -164,17 +166,13 @@ var _ = Describe("given UserSpaces", func() { err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(1)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) + orgGUID, spaceName, spaceGUID, userName, userGUID := roleMgrFake.AssociateSpaceAuditorArgsForCall(0) Expect(orgGUID).Should(Equal("org_guid")) Expect(userGUID).Should(Equal("test_ldap2-id")) - Expect(role).To(Equal(ORG_USER)) - - spaceGUID, userGUID, roleType := client.CreateV3SpaceRoleArgsForCall(0) Expect(spaceGUID).Should(Equal("space_guid")) - Expect(userGUID).Should(Equal("test_ldap2-id")) - Expect(roleType).Should(Equal(SPACE_AUDITOR)) + Expect(spaceName).Should(Equal("orgName/spaceName")) + Expect(userName).Should(Equal("test_ldap2")) }) It("Should not add existing ldap user to role", func() { @@ -182,8 +180,8 @@ var _ = Describe("given UserSpaces", func() { LdapUsers: []string{"test_ldap"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserByIDReturns( &ldap.User{ @@ -194,16 +192,15 @@ var _ = Describe("given UserSpaces", func() { nil) err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(0)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(0)) }) It("Should create external user when user doesn't exist in uaa", func() { updateUsersInput := UsersInput{ LdapUsers: []string{"test_ldap_new"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserByIDReturns( &ldap.User{ @@ -227,8 +224,8 @@ var _ = Describe("given UserSpaces", func() { LdapUsers: []string{"test_ldap3"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserByIDReturns( &ldap.User{ @@ -249,8 +246,8 @@ var _ = Describe("given UserSpaces", func() { LdapUsers: []string{"test_ldap3"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserByIDReturns( &ldap.User{ @@ -259,12 +256,11 @@ var _ = Describe("given UserSpaces", func() { Email: "test@test.com", }, nil) - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) + roleMgrFake.AssociateSpaceAuditorReturns(errors.New("error")) err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).Should(HaveOccurred()) Expect(err.Error()).Should(Equal("User test_ldap3 with origin ldap: error")) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) }) It("Should not query ldap if user exists in UAA", func() { @@ -272,14 +268,13 @@ var _ = Describe("given UserSpaces", func() { LdapUsers: []string{"test_ldap2"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(1)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) Expect(ldapFake.GetUserByIDCallCount()).Should(Equal(0)) }) @@ -289,14 +284,13 @@ var _ = Describe("given UserSpaces", func() { LdapGroupNames: []string{"test_group"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserDNsReturns([]string{"cn=test_ldap2"}, nil) err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(1)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) Expect(ldapFake.GetUserDNsCallCount()).Should(Equal(1)) Expect(ldapFake.GetUserByIDCallCount()).Should(Equal(0)) Expect(ldapFake.GetUserByDNCallCount()).Should(Equal(0)) @@ -306,15 +300,14 @@ var _ = Describe("given UserSpaces", func() { LdapUsers: []string{"test_ldap3"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } ldapFake.GetUserByIDReturns(nil, errors.New("error")) err := userManager.SyncLdapUsers(roleUsers, updateUsersInput) Expect(err).Should(HaveOccurred()) Expect(err.Error()).Should(Equal("error")) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(0)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(0)) }) }) Context("UpdateUserInfo", func() { diff --git a/user/role_users_test.go b/user/role_users_test.go deleted file mode 100644 index c3e161bb..00000000 --- a/user/role_users_test.go +++ /dev/null @@ -1,92 +0,0 @@ -package user_test - -import ( - cfclient "github.com/cloudfoundry-community/go-cfclient" - "github.com/vmwarepivotallabs/cf-mgmt/config" - "github.com/vmwarepivotallabs/cf-mgmt/uaa" - . "github.com/vmwarepivotallabs/cf-mgmt/user" - "github.com/vmwarepivotallabs/cf-mgmt/user/fakes" - - . "github.com/onsi/ginkgo" - - . "github.com/onsi/gomega" - configfakes "github.com/vmwarepivotallabs/cf-mgmt/config/fakes" - orgfakes "github.com/vmwarepivotallabs/cf-mgmt/organizationreader/fakes" - spacefakes "github.com/vmwarepivotallabs/cf-mgmt/space/fakes" - uaafakes "github.com/vmwarepivotallabs/cf-mgmt/uaa/fakes" -) - -var _ = Describe("RoleUsers", func() { - var ( - userManager *DefaultManager - client *fakes.FakeCFClient - ldapFake *fakes.FakeLdapManager - uaaFake *uaafakes.FakeManager - fakeReader *configfakes.FakeReader - spaceFake *spacefakes.FakeManager - orgFake *orgfakes.FakeReader - ) - BeforeEach(func() { - client = new(fakes.FakeCFClient) - ldapFake = new(fakes.FakeLdapManager) - uaaFake = new(uaafakes.FakeManager) - fakeReader = new(configfakes.FakeReader) - spaceFake = new(spacefakes.FakeManager) - orgFake = new(orgfakes.FakeReader) - userManager = &DefaultManager{ - Client: client, - Cfg: fakeReader, - UAAMgr: uaaFake, - LdapMgr: ldapFake, - SpaceMgr: spaceFake, - OrgReader: orgFake, - Peek: false, - LdapConfig: &config.LdapConfig{Origin: "ldap"}, - } - userList := []cfclient.V3User{ - { - Username: "hello", - GUID: "world", - }, - { - Username: "hello2", - GUID: "world2", - }, - } - uaaUsers := &uaa.Users{} - uaaUsers.Add(uaa.User{ - Username: "test", - Origin: "uaa", - GUID: "test-guid", - }) - uaaUsers.Add(uaa.User{ - Username: "test-2", - Origin: "uaa", - GUID: "test2-guid", - }) - uaaUsers.Add(uaa.User{ - Username: "hello", - Origin: "uaa", - GUID: "world", - }) - uaaUsers.Add(uaa.User{ - Username: "hello2", - Origin: "uaa", - GUID: "world2", - }) - userManager.UAAUsers = uaaUsers - userMap := make(map[string]cfclient.V3User) - for _, user := range userList { - userMap[user.GUID] = user - } - userManager.CFUsers = userMap - }) - Context("List Space Users", func() { - BeforeEach(func() { - - }) - It("Return list of users by role", func() { - Expect(true).Should(BeTrue()) - }) - }) -}) diff --git a/user/saml_users.go b/user/saml_users.go index ddcef46d..f627a261 100644 --- a/user/saml_users.go +++ b/user/saml_users.go @@ -4,11 +4,12 @@ import ( "fmt" "github.com/pkg/errors" + "github.com/vmwarepivotallabs/cf-mgmt/role" "github.com/vmwarepivotallabs/cf-mgmt/uaa" "github.com/xchapter7x/lo" ) -func (m *DefaultManager) SyncSamlUsers(roleUsers *RoleUsers, usersInput UsersInput) error { +func (m *DefaultManager) SyncSamlUsers(roleUsers *role.RoleUsers, usersInput UsersInput) error { origin := m.LdapConfig.Origin uaaUsers, err := m.GetUAAUsers() if err != nil { @@ -37,7 +38,7 @@ func (m *DefaultManager) SyncSamlUsers(roleUsers *RoleUsers, usersInput UsersInp } if !roleUsers.HasUserForOrigin(userEmail, user.Origin) { m.dumpRoleUsers(fmt.Sprintf("Adding user [%s] with guid[%s] with origin [%s] as doesn't exist in users for %s/%s - Role %s", userEmail, user.GUID, origin, usersInput.OrgName, usersInput.SpaceName, usersInput.Role), roleUsers.Users()) - if err := usersInput.AddUser(usersInput, user.Username, user.GUID); err != nil { + if err := usersInput.AddUser(usersInput.OrgGUID, usersInput.EntityName(), usersInput.EntityGUID(), user.Username, user.GUID); err != nil { return errors.Wrap(err, fmt.Sprintf("User %s with origin %s", user.Username, user.Origin)) } } else { diff --git a/user/saml_users_test.go b/user/saml_users_test.go index 12d54a45..73b9356f 100644 --- a/user/saml_users_test.go +++ b/user/saml_users_test.go @@ -3,10 +3,12 @@ package user_test import ( "errors" - cfclient "github.com/cloudfoundry-community/go-cfclient" + "github.com/cloudfoundry-community/go-cfclient/v3/resource" "github.com/vmwarepivotallabs/cf-mgmt/config" configfakes "github.com/vmwarepivotallabs/cf-mgmt/config/fakes" orgfakes "github.com/vmwarepivotallabs/cf-mgmt/organizationreader/fakes" + "github.com/vmwarepivotallabs/cf-mgmt/role" + rolefakes "github.com/vmwarepivotallabs/cf-mgmt/role/fakes" spacefakes "github.com/vmwarepivotallabs/cf-mgmt/space/fakes" "github.com/vmwarepivotallabs/cf-mgmt/uaa" uaafakes "github.com/vmwarepivotallabs/cf-mgmt/uaa/fakes" @@ -20,41 +22,42 @@ import ( var _ = Describe("SamlUsers", func() { var ( userManager *DefaultManager - client *fakes.FakeCFClient ldapFake *fakes.FakeLdapManager uaaFake *uaafakes.FakeManager fakeReader *configfakes.FakeReader spaceFake *spacefakes.FakeManager orgFake *orgfakes.FakeReader + roleMgrFake *rolefakes.FakeManager ) BeforeEach(func() { - client = new(fakes.FakeCFClient) ldapFake = new(fakes.FakeLdapManager) uaaFake = new(uaafakes.FakeManager) fakeReader = new(configfakes.FakeReader) spaceFake = new(spacefakes.FakeManager) orgFake = new(orgfakes.FakeReader) + roleMgrFake = new(rolefakes.FakeManager) userManager = &DefaultManager{ - Client: client, Cfg: fakeReader, UAAMgr: uaaFake, LdapMgr: ldapFake, SpaceMgr: spaceFake, OrgReader: orgFake, Peek: false, + RoleMgr: roleMgrFake, LdapConfig: &config.LdapConfig{Origin: "saml_origin"}, } + roleMgrFake.ListOrgUsersByRoleReturns(role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), nil) }) Context("SyncSamlUsers", func() { - var roleUsers *RoleUsers + var roleUsers *role.RoleUsers BeforeEach(func() { userManager.LdapConfig = &config.LdapConfig{Origin: "saml_origin"} uaaUsers := &uaa.Users{} uaaUsers.Add(uaa.User{Username: "Test.Test@test.com", Email: "test.test@test.com", ExternalID: "Test.Test@test.com", Origin: "saml_origin", GUID: "test-id"}) uaaUsers.Add(uaa.User{Username: "test2.test2@test.com", Email: "test2.test2@test.com", ExternalID: "test2.test2@test.com", Origin: "saml_origin", GUID: "test2-id"}) - roleUsers, _ = NewRoleUsers( - []cfclient.V3User{ + roleUsers, _ = role.NewRoleUsers( + []*resource.User{ {Username: "Test.Test@test.com", GUID: "test-id"}, }, uaaUsers, @@ -68,21 +71,18 @@ var _ = Describe("SamlUsers", func() { OrgGUID: "org_guid", OrgName: "test-org", SpaceName: "test-space", - RoleUsers: InitRoleUsers(), - AddUser: userManager.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, } err := userManager.SyncSamlUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) + orgGUID, spaceName, spaceGUID, userName, userGUID := roleMgrFake.AssociateSpaceAuditorArgsForCall(0) Expect(orgGUID).Should(Equal("org_guid")) Expect(userGUID).Should(Equal("test2-id")) - Expect(role).To(Equal(ORG_USER)) - - spaceGUID, userGUID, roleType := client.CreateV3SpaceRoleArgsForCall(0) Expect(spaceGUID).Should(Equal("space_guid")) - Expect(userGUID).Should(Equal("test2-id")) - Expect(roleType).Should(Equal(SPACE_AUDITOR)) + Expect(spaceName).Should(Equal("test-org/test-space")) + Expect(userName).Should(Equal("test2.test2@test.com")) }) It("Should not add existing saml user to role", func() { @@ -90,16 +90,15 @@ var _ = Describe("SamlUsers", func() { SamlUsers: []string{"test.test@test.com"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } Expect(roleUsers.HasUser("test.test@test.com")).Should(BeTrue()) err := userManager.SyncSamlUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) Expect(roleUsers.HasUser("test.test@test.com")).Should(BeFalse()) Expect(uaaFake.CreateExternalUserCallCount()).Should(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(0)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(0)) }) @@ -108,23 +107,22 @@ var _ = Describe("SamlUsers", func() { SamlUsers: []string{"Test.Test@test.com"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } err := userManager.SyncSamlUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) Expect(roleUsers.HasUser("Test.Test@test.com")).Should(BeFalse()) Expect(uaaFake.CreateExternalUserCallCount()).Should(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(0)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(0)) }) It("Should create external user when user doesn't exist in uaa", func() { updateUsersInput := UsersInput{ SamlUsers: []string{"test3.test3@test.com"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } err := userManager.SyncSamlUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) @@ -141,8 +139,8 @@ var _ = Describe("SamlUsers", func() { SamlUsers: []string{"test.test@test.com"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } userManager.UAAUsers = &uaa.Users{} uaaFake.CreateExternalUserReturns("guid", errors.New("error")) @@ -152,8 +150,8 @@ var _ = Describe("SamlUsers", func() { }) It("Should return error", func() { - roleUsers := InitRoleUsers() - roleUsers.AddUsers([]RoleUser{ + roleUsers := role.InitRoleUsers() + roleUsers.AddUsers([]role.RoleUser{ {UserName: "test"}, }) uaaUsers := &uaa.Users{} @@ -162,15 +160,14 @@ var _ = Describe("SamlUsers", func() { SamlUsers: []string{"test.test@test.com"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } userManager.UAAUsers = uaaUsers - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) + roleMgrFake.AssociateSpaceAuditorReturns(errors.New("Got an error")) err := userManager.SyncSamlUsers(roleUsers, updateUsersInput) Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) }) }) }) diff --git a/user/timings.go b/user/timings.go deleted file mode 100644 index 70dee821..00000000 --- a/user/timings.go +++ /dev/null @@ -1,134 +0,0 @@ -package user - -import ( - "encoding/csv" - "fmt" - "log" - "net/url" - "os" - "time" - - cfclient "github.com/cloudfoundry-community/go-cfclient" - "github.com/xchapter7x/lo" -) - -func NewCFClientTimer(client CFClient) *CFClientTimer { - return &CFClientTimer{ - client: client, - timings: make(map[string][]Timing), - } -} - -type Timing struct { - ElapsedTime time.Duration - Args interface{} -} - -type CFClientTimer struct { - client CFClient - timings map[string][]Timing -} - -func (t *CFClientTimer) LogResults() { - for key, timings := range t.timings { - lo.G.Infof("Method %s called %d times", key, len(timings)) - } - - file, err := os.Create("timings.csv") - if err != nil { - log.Fatal(err) - } - - csvwriter := csv.NewWriter(file) - for key, timings := range t.timings { - for _, timing := range timings { - csvwriter.Write([]string{key, timing.ElapsedTime.String(), fmt.Sprintf("%v", timing.Args)}) - } - } - csvwriter.Flush() - defer file.Close() -} - -func (t *CFClientTimer) addTiming(key string, timing Timing) { - t.timings[key] = append(t.timings[key], timing) -} - -func (t *CFClientTimer) ListSpacesByQuery(query url.Values) ([]cfclient.Space, error) { - start := time.Now() - result, err := t.client.ListSpacesByQuery(query) - duration := time.Since(start) - t.addTiming("ListSpacesByQuery", Timing{ElapsedTime: duration, Args: query}) - return result, err -} - -func (t *CFClientTimer) DeleteUser(userGuid string) error { - start := time.Now() - err := t.client.DeleteUser(userGuid) - duration := time.Since(start) - t.addTiming("DeleteUser", Timing{ElapsedTime: duration, Args: userGuid}) - return err -} - -func (t *CFClientTimer) DeleteV3Role(roleGUID string) error { - start := time.Now() - err := t.client.DeleteV3Role(roleGUID) - duration := time.Since(start) - t.addTiming("DeleteV3Role", Timing{ElapsedTime: duration, Args: roleGUID}) - return err -} - -func (t *CFClientTimer) ListV3SpaceRolesByGUIDAndType(spaceGUID string, roleType string) ([]cfclient.V3User, error) { - start := time.Now() - result, err := t.client.ListV3SpaceRolesByGUIDAndType(spaceGUID, roleType) - duration := time.Since(start) - t.addTiming("ListV3SpaceRolesByGUIDAndType", Timing{ElapsedTime: duration, Args: spaceGUID + "_" + roleType}) - return result, err -} - -func (t *CFClientTimer) ListV3OrganizationRolesByGUIDAndType(orgGUID string, roleType string) ([]cfclient.V3User, error) { - start := time.Now() - result, err := t.client.ListV3OrganizationRolesByGUIDAndType(orgGUID, roleType) - duration := time.Since(start) - t.addTiming("ListV3OrganizationRolesByGUIDAndType", Timing{ElapsedTime: duration, Args: orgGUID + "_" + roleType}) - return result, err -} - -func (t *CFClientTimer) CreateV3OrganizationRole(orgGUID string, userGUID string, roleType string) (*cfclient.V3Role, error) { - start := time.Now() - result, err := t.client.CreateV3OrganizationRole(orgGUID, userGUID, roleType) - duration := time.Since(start) - t.addTiming("CreateV3OrganizationRole", Timing{ElapsedTime: duration, Args: orgGUID + "_" + userGUID + "_" + roleType}) - return result, err -} - -func (t *CFClientTimer) CreateV3SpaceRole(spaceGUID string, userGUID string, roleType string) (*cfclient.V3Role, error) { - start := time.Now() - result, err := t.client.CreateV3SpaceRole(spaceGUID, userGUID, roleType) - duration := time.Since(start) - t.addTiming("CreateV3SpaceRole", Timing{ElapsedTime: duration, Args: spaceGUID + "_" + userGUID + "_" + roleType}) - return result, err -} - -func (t *CFClientTimer) SupportsSpaceSupporterRole() (bool, error) { - start := time.Now() - result, err := t.client.SupportsSpaceSupporterRole() - duration := time.Since(start) - t.addTiming("SupportsSpaceSupporterRole", Timing{ElapsedTime: duration, Args: ""}) - return result, err -} - -func (t *CFClientTimer) ListV3RolesByQuery(query url.Values) ([]cfclient.V3Role, error) { - start := time.Now() - result, err := t.client.ListV3RolesByQuery(query) - duration := time.Since(start) - t.addTiming("ListV3RolesByQuery", Timing{ElapsedTime: duration, Args: query}) - return result, err -} - -func (t *CFClientTimer) ListV3UsersByQuery(query url.Values) ([]cfclient.V3User, error) { - start := time.Now() - result, err := t.client.ListV3UsersByQuery(query) - duration := time.Since(start) - t.addTiming("ListV3UsersByQuery", Timing{ElapsedTime: duration, Args: query}) - return result, err -} diff --git a/user/types.go b/user/types.go index fa16fd82..27744e29 100644 --- a/user/types.go +++ b/user/types.go @@ -1,51 +1,14 @@ package user import ( - "net/url" - - cfclient "github.com/cloudfoundry-community/go-cfclient" "github.com/vmwarepivotallabs/cf-mgmt/ldap" ) -func InitRoleUsers() *RoleUsers { - return &RoleUsers{ - users: make(map[string][]RoleUser), - orphanedUsers: make(map[string]string), - } -} - -type RoleUsers struct { - users map[string][]RoleUser - orphanedUsers map[string]string -} -type RoleUser struct { - UserName string - GUID string - Origin string -} - // Manager - interface type encapsulating Update space users behavior type Manager interface { - InitializeLdap(ldapBindUser, ldapBindPassword, ldapServer string) error - DeinitializeLdap() error UpdateSpaceUsers() []error UpdateOrgUsers() []error CleanupOrgUsers() []error - ListOrgUsersByRole(orgGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) - ListSpaceUsersByRole(spaceGUID string) (*RoleUsers, *RoleUsers, *RoleUsers, *RoleUsers, error) -} - -type CFClient interface { - ListSpacesByQuery(query url.Values) ([]cfclient.Space, error) - DeleteUser(userGuid string) error - DeleteV3Role(roleGUID string) error - ListV3SpaceRolesByGUIDAndType(spaceGUID string, roleType string) ([]cfclient.V3User, error) - ListV3OrganizationRolesByGUIDAndType(orgGUID string, roleType string) ([]cfclient.V3User, error) - CreateV3OrganizationRole(orgGUID, userGUID, roleType string) (*cfclient.V3Role, error) - CreateV3SpaceRole(spaceGUID, userGUID, roleType string) (*cfclient.V3Role, error) - SupportsSpaceSupporterRole() (bool, error) - ListV3RolesByQuery(query url.Values) ([]cfclient.V3Role, error) - ListV3UsersByQuery(query url.Values) ([]cfclient.V3User, error) } type LdapManager interface { diff --git a/user/users.go b/user/users.go index 554825b3..ce0f5b10 100644 --- a/user/users.go +++ b/user/users.go @@ -2,22 +2,20 @@ package user import ( "fmt" - "net/url" "os" "strings" - cfclient "github.com/cloudfoundry-community/go-cfclient" "github.com/pkg/errors" "github.com/vmwarepivotallabs/cf-mgmt/config" "github.com/vmwarepivotallabs/cf-mgmt/ldap" "github.com/vmwarepivotallabs/cf-mgmt/organizationreader" + "github.com/vmwarepivotallabs/cf-mgmt/role" "github.com/vmwarepivotallabs/cf-mgmt/space" "github.com/vmwarepivotallabs/cf-mgmt/uaa" "github.com/vmwarepivotallabs/cf-mgmt/util" "github.com/xchapter7x/lo" ) -const ORG_USER string = "organization_user" const ORG_AUDITOR string = "organization_auditor" const ORG_MANAGER string = "organization_manager" const ORG_BILLING_MANAGER string = "organization_billing_manager" @@ -28,81 +26,39 @@ const SPACE_SUPPORTER string = "space_supporter" // NewManager - func NewManager( - client CFClient, cfg config.Reader, spaceMgr space.Manager, orgReader organizationreader.Reader, - uaaMgr uaa.Manager, + uaaMgr uaa.Manager, roleMgr role.Manager, ldapMgr *ldap.Manager, peek bool) (Manager, error) { - supports, err := client.SupportsSpaceSupporterRole() + ldapConfig, err := cfg.LdapConfig("", "", "") if err != nil { return nil, err } - mgr := &DefaultManager{ - Peek: peek, - SpaceMgr: spaceMgr, - OrgReader: orgReader, - UAAMgr: uaaMgr, - Cfg: cfg, - SupportsSpaceSupporter: supports, - } - _, logTimings := os.LookupEnv("LOG_TIMINGS") - if logTimings { - lo.G.Infof("Logging timings enabled") - timer := NewCFClientTimer(client) - mgr.Client = timer - } else { - mgr.Client = client + Peek: peek, + SpaceMgr: spaceMgr, + OrgReader: orgReader, + UAAMgr: uaaMgr, + RoleMgr: roleMgr, + LdapMgr: ldapMgr, + Cfg: cfg, + LdapConfig: ldapConfig, } return mgr, nil } type DefaultManager struct { - Client CFClient - Cfg config.Reader - SpaceMgr space.Manager - OrgReader organizationreader.Reader - UAAMgr uaa.Manager - Peek bool - LdapMgr LdapManager - LdapConfig *config.LdapConfig - SupportsSpaceSupporter bool - UAAUsers *uaa.Users - CFUsers map[string]cfclient.V3User - OrgRoles map[string]map[string]*RoleUsers - SpaceRoles map[string]map[string]*RoleUsers -} - -func (m *DefaultManager) ClearRoles() { - m.OrgRoles = nil - m.SpaceRoles = nil -} - -func (m *DefaultManager) LogResults() { - v, ok := m.Client.(*CFClientTimer) - if ok { - v.LogResults() - } -} - -func (m *DefaultManager) GetCFUsers() (map[string]cfclient.V3User, error) { - if m.CFUsers == nil { - cfUserMap := make(map[string]cfclient.V3User) - cfUsers, err := m.Client.ListV3UsersByQuery(url.Values{}) - if err != nil { - return nil, err - } - lo.G.Debug("Begin CFUsers") - for _, cfUser := range cfUsers { - cfUserMap[cfUser.GUID] = cfUser - lo.G.Debugf("CFUser with username [%s] and guid [%s]", cfUser.Username, cfUser.GUID) - } - lo.G.Debug("End CFUsers") - m.CFUsers = cfUserMap - } - return m.CFUsers, nil + Cfg config.Reader + SpaceMgr space.Manager + OrgReader organizationreader.Reader + UAAMgr uaa.Manager + RoleMgr role.Manager + Peek bool + LdapMgr LdapManager + LdapConfig *config.LdapConfig + UAAUsers *uaa.Users } func (m *DefaultManager) GetUAAUsers() (*uaa.Users, error) { @@ -120,378 +76,10 @@ func (m *DefaultManager) AddUAAUser(user uaa.User) { m.UAAUsers.Add(user) } -func (m *DefaultManager) dumpRolesUsers(entityType string, entityRoles map[string]map[string]*RoleUsers) { - level, logging := os.LookupEnv("LOG_LEVEL") - if logging && strings.EqualFold(level, "DEBUG") { - for guid, roles := range entityRoles { - for roleType, role := range roles { - for _, user := range role.Users() { - lo.G.Debugf("User [%s] with GUID[%s] and origin %s in role %s for entity type [%s/%s]", user.UserName, user.GUID, user.Origin, roleType, entityType, guid) - } - } - } - } -} - -func (m *DefaultManager) dumpV3Roles(entityType string, roles []cfclient.V3Role) { - level, logging := os.LookupEnv("LOG_LEVEL") - if logging && strings.EqualFold(level, "DEBUG") { - for _, role := range roles { - lo.G.Debugf("For entity [%s/%s] and role [%s] user guid [%s]", entityType, role.GUID, role.Type, role.Relationships["user"].Data.GUID) - } - } -} -func (m *DefaultManager) initializeSpaceUserRolesMap() error { - spaceV3UsersRolesMap := make(map[string]map[string][]cfclient.V3User) - query := url.Values{} - query["per_page"] = []string{"5000"} - query["order_by"] = []string{"created_at"} - query["types"] = []string{SPACE_AUDITOR + "," + SPACE_DEVELOPER + "," + SPACE_MANAGER + "," + SPACE_SUPPORTER} - roles, err := m.Client.ListV3RolesByQuery(query) - if err != nil { - return err - } - lo.G.Debugf("Found %d roles from %s API", len(roles), "space") - err = m.checkResultsAllReturned("space", roles) - if err != nil { - return err - } - m.dumpV3Roles("space", roles) - for _, role := range roles { - spaceGUID := role.Relationships["space"].Data.GUID - user, err := m.getUserForGUID(role.Relationships["user"].Data.GUID) - if err != nil { - return err - } - spaceRoleMap, ok := spaceV3UsersRolesMap[spaceGUID] - if !ok { - spaceRoleMap = make(map[string][]cfclient.V3User) - spaceV3UsersRolesMap[spaceGUID] = spaceRoleMap - } - spaceRoleMap[role.Type] = append(spaceRoleMap[role.Type], *user) - } - spaceUsersRoleMap := make(map[string]map[string]*RoleUsers) - for key, val := range spaceV3UsersRolesMap { - for role, users := range val { - uaaUsers, err := m.GetUAAUsers() - if err != nil { - return err - } - roleUsers, err := NewRoleUsers(users, uaaUsers) - if err != nil { - return err - } - roleMap, ok := spaceUsersRoleMap[key] - if !ok { - roleMap = make(map[string]*RoleUsers) - spaceUsersRoleMap[key] = roleMap - } - roleMap[role] = roleUsers - } - } - m.dumpRolesUsers("spaces", spaceUsersRoleMap) - m.SpaceRoles = spaceUsersRoleMap - return nil -} - -func (m *DefaultManager) checkResultsAllReturned(entityType string, roles []cfclient.V3Role) error { - tracker := make(map[string]string) - for _, role := range roles { - if _, ok := tracker[role.GUID]; !ok { - tracker[role.GUID] = role.GUID - } else { - return fmt.Errorf("role for type %s with GUID[%s] is returned multiple times, pagination for v3 roles is not working", entityType, role.GUID) - } - } - return nil -} - -func (m *DefaultManager) initializeOrgUserRolesMap() error { - orgV3UsersRolesMap := make(map[string]map[string][]cfclient.V3User) - query := url.Values{} - query["per_page"] = []string{"5000"} - query["order_by"] = []string{"created_at"} - query["types"] = []string{ORG_AUDITOR + "," + ORG_BILLING_MANAGER + "," + ORG_MANAGER + "," + ORG_USER} - roles, err := m.Client.ListV3RolesByQuery(query) - if err != nil { - return err - } - lo.G.Debugf("Found %d roles from %s API", len(roles), "organization") - err = m.checkResultsAllReturned("organization", roles) - if err != nil { - return err - } - m.dumpV3Roles("organization", roles) - for _, role := range roles { - orgGUID := role.Relationships["organization"].Data.GUID - user, err := m.getUserForGUID(role.Relationships["user"].Data.GUID) - if err != nil { - return err - } - orgRoleMap, ok := orgV3UsersRolesMap[orgGUID] - if !ok { - orgRoleMap = make(map[string][]cfclient.V3User) - orgV3UsersRolesMap[orgGUID] = orgRoleMap - } - orgRoleMap[role.Type] = append(orgRoleMap[role.Type], *user) - } - orgUsersRoleMap := make(map[string]map[string]*RoleUsers) - for key, val := range orgV3UsersRolesMap { - for role, users := range val { - uaaUsers, err := m.GetUAAUsers() - if err != nil { - return err - } - roleUsers, err := NewRoleUsers(users, uaaUsers) - if err != nil { - return err - } - roleMap, ok := orgUsersRoleMap[key] - if !ok { - roleMap = make(map[string]*RoleUsers) - orgUsersRoleMap[key] = roleMap - } - roleMap[role] = roleUsers - } - } - m.dumpRolesUsers("organizations", orgUsersRoleMap) - m.OrgRoles = orgUsersRoleMap - - return nil -} - -func (m *DefaultManager) RemoveSpaceAuditor(input UsersInput, userName, userGUID string) error { - if m.Peek { - lo.G.Infof("[dry-run]: removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "Auditor") - return nil - } - lo.G.Infof("removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "Auditor") - role, err := m.GetSpaceRoleGUID(input.SpaceGUID, userGUID, SPACE_AUDITOR) - if err != nil { - return err - } - return m.Client.DeleteV3Role(role) -} -func (m *DefaultManager) RemoveSpaceDeveloper(input UsersInput, userName, userGUID string) error { - if m.Peek { - lo.G.Infof("[dry-run]: removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "Developer") - return nil - } - lo.G.Infof("removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "Developer") - role, err := m.GetSpaceRoleGUID(input.SpaceGUID, userGUID, SPACE_DEVELOPER) - if err != nil { - return err - } - return m.Client.DeleteV3Role(role) -} -func (m *DefaultManager) RemoveSpaceManager(input UsersInput, userName, userGUID string) error { - if m.Peek { - lo.G.Infof("[dry-run]: removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "Manager") - return nil - } - lo.G.Infof("removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "Manager") - role, err := m.GetSpaceRoleGUID(input.SpaceGUID, userGUID, SPACE_MANAGER) - if err != nil { - return err - } - return m.Client.DeleteV3Role(role) -} - -func (m *DefaultManager) RemoveSpaceSupporter(input UsersInput, userName, userGUID string) error { - if m.Peek { - lo.G.Infof("[dry-run]: removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "supporter") - return nil - } - - if !m.SupportsSpaceSupporter { - lo.G.Infof("this instance of cloud foundry does not support space_supporter role") - return nil - } - lo.G.Infof("removing user %s from org/space %s/%s with role %s", userName, input.OrgName, input.SpaceName, "supporter") - role, err := m.GetSpaceRoleGUID(input.SpaceGUID, userGUID, SPACE_SUPPORTER) - if err != nil { - return err - } - return m.Client.DeleteV3Role(role) -} - -func (m *DefaultManager) AssociateSpaceAuditor(input UsersInput, userName, userGUID string) error { - err := m.AddUserToOrg(input.OrgGUID, userName, userGUID) - if err != nil { - return err - } - if m.Peek { - lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "auditor", input.OrgName, input.SpaceName) - return nil - } - - lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "auditor", input.OrgName, input.SpaceName) - _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_AUDITOR) - return err -} -func (m *DefaultManager) AssociateSpaceDeveloper(input UsersInput, userName, userGUID string) error { - err := m.AddUserToOrg(input.OrgGUID, userName, userGUID) - if err != nil { - return err - } - if m.Peek { - lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "developer", input.OrgName, input.SpaceName) - return nil - } - lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "developer", input.OrgName, input.SpaceName) - _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_DEVELOPER) - return err -} -func (m *DefaultManager) AssociateSpaceManager(input UsersInput, userName, userGUID string) error { - err := m.AddUserToOrg(input.OrgGUID, userName, userGUID) - if err != nil { - return err - } - if m.Peek { - lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "manager", input.OrgName, input.SpaceName) - return nil - } - - lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "manager", input.OrgName, input.SpaceName) - _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_MANAGER) - return err -} - -func (m *DefaultManager) AssociateSpaceSupporter(input UsersInput, userName, userGUID string) error { - - if !m.SupportsSpaceSupporter { - lo.G.Infof("this instance of cloud foundry does not support space_supporter role") - return nil - } - err := m.AddUserToOrg(input.OrgGUID, userName, userGUID) - if err != nil { - return err - } - if m.Peek { - lo.G.Infof("[dry-run]: adding %s to role %s for org/space %s/%s", userName, "supporter", input.OrgName, input.SpaceName) - return nil - } - - lo.G.Infof("adding %s to role %s for org/space %s/%s", userName, "supporter", input.OrgName, input.SpaceName) - _, err = m.Client.CreateV3SpaceRole(input.SpaceGUID, userGUID, SPACE_SUPPORTER) - return err -} - -func (m *DefaultManager) AddUserToOrg(orgGUID string, userName, userGUID string) error { - if m.Peek { - return nil - } - orgUsers, _, _, _, err := m.ListOrgUsersByRole(orgGUID) - if err != nil { - return err - } - if !orgUsers.HasUserForGUID(userName, userGUID) { - _, err := m.Client.CreateV3OrganizationRole(orgGUID, userGUID, ORG_USER) - if err != nil { - lo.G.Debugf("Error adding user [%s] to org with guid [%s] but should have succeeded missing from org roles %+v, message: [%s]", userName, userGUID, orgUsers, err.Error()) - return err - } - orgUsers.addUser(RoleUser{UserName: userName, GUID: userGUID}) - m.updateOrgRoleUsers(orgGUID, orgUsers) - } - return nil -} - -func (m *DefaultManager) updateOrgRoleUsers(orgGUID string, roleUser *RoleUsers) { - orgRoles, ok := m.OrgRoles[orgGUID] - if !ok { - orgRoles = make(map[string]*RoleUsers) - } - orgRoles[ORG_USER] = roleUser - m.OrgRoles[orgGUID] = orgRoles -} - -func (m *DefaultManager) RemoveOrgAuditor(input UsersInput, userName, userGUID string) error { - if m.Peek { - lo.G.Infof("[dry-run]: removing user %s from org %s with role %s", userName, input.OrgName, "auditor") - return nil - } - lo.G.Infof("removing user %s from org %s with role %s", userName, input.OrgName, "auditor") - role, err := m.GetOrgRoleGUID(input.OrgGUID, userGUID, ORG_AUDITOR) - if err != nil { - return err - } - return m.Client.DeleteV3Role(role) -} -func (m *DefaultManager) RemoveOrgBillingManager(input UsersInput, userName, userGUID string) error { - if m.Peek { - lo.G.Infof("[dry-run]: removing user %s from org %s with role %s", userName, input.OrgName, "billing manager") - return nil - } - lo.G.Infof("removing user %s from org %s with role %s", userName, input.OrgName, "billing manager") - role, err := m.GetOrgRoleGUID(input.OrgGUID, userGUID, ORG_BILLING_MANAGER) - if err != nil { - return err - } - return m.Client.DeleteV3Role(role) -} - -func (m *DefaultManager) RemoveOrgManager(input UsersInput, userName, userGUID string) error { - if m.Peek { - lo.G.Infof("[dry-run]: removing user %s from org %s with role %s", userName, input.OrgName, "manager") - return nil - } - lo.G.Infof("removing user %s from org %s with role %s", userName, input.OrgName, "manager") - role, err := m.GetOrgRoleGUID(input.OrgGUID, userGUID, ORG_MANAGER) - if err != nil { - return err - } - return m.Client.DeleteV3Role(role) -} - -func (m *DefaultManager) AssociateOrgAuditor(input UsersInput, userName, userGUID string) error { - err := m.AddUserToOrg(input.OrgGUID, userName, userGUID) - if err != nil { - return err - } - if m.Peek { - lo.G.Infof("[dry-run]: Add User %s to role %s for org %s", userName, "auditor", input.OrgName) - return nil - } - - lo.G.Infof("Add User %s to role %s for org %s", userName, "auditor", input.OrgName) - _, err = m.Client.CreateV3OrganizationRole(input.OrgGUID, userGUID, ORG_AUDITOR) - return err -} -func (m *DefaultManager) AssociateOrgBillingManager(input UsersInput, userName, userGUID string) error { - err := m.AddUserToOrg(input.OrgGUID, userName, userGUID) - if err != nil { - return err - } - if m.Peek { - lo.G.Infof("[dry-run]: Add User %s to role %s for org %s", userName, "billing manager", input.OrgName) - return nil - } - - lo.G.Infof("Add User %s to role %s for org %s", userName, "billing manager", input.OrgName) - _, err = m.Client.CreateV3OrganizationRole(input.OrgGUID, userGUID, ORG_BILLING_MANAGER) - return err -} - -func (m *DefaultManager) AssociateOrgManager(input UsersInput, userName, userGUID string) error { - err := m.AddUserToOrg(input.OrgGUID, userName, userGUID) - if err != nil { - return err - } - if m.Peek { - lo.G.Infof("[dry-run]: Add User %s to role %s for org %s", userName, "manager", input.OrgName) - return nil - } - - lo.G.Infof("Add User %s to role %s for org %s", userName, "manager", input.OrgName) - _, err = m.Client.CreateV3OrganizationRole(input.OrgGUID, userGUID, ORG_MANAGER) - return err -} - // UpdateSpaceUsers - func (m *DefaultManager) UpdateSpaceUsers() []error { errs := []error{} - m.ClearRoles() + m.RoleMgr.ClearRoles() spaceConfigs, err := m.Cfg.GetSpaceConfigs() if err != nil { return []error{err} @@ -502,7 +90,6 @@ func (m *DefaultManager) UpdateSpaceUsers() []error { errs = append(errs, err) } } - m.LogResults() return errs } @@ -517,7 +104,7 @@ func (m *DefaultManager) updateSpaceUsers(input *config.SpaceConfig) error { lo.G.Debug("") lo.G.Debug("") - managers, developers, auditors, supporters, err := m.ListSpaceUsersByRole(space.GUID) + managers, developers, auditors, supporters, err := m.RoleMgr.ListSpaceUsersByRole(space.GUID) if err != nil { return err } @@ -533,8 +120,8 @@ func (m *DefaultManager) updateSpaceUsers(input *config.SpaceConfig) error { SamlUsers: input.Developer.SamlUsers, RemoveUsers: input.RemoveUsers, RoleUsers: developers, - RemoveUser: m.RemoveSpaceDeveloper, - AddUser: m.AssociateSpaceDeveloper, + RemoveUser: m.RoleMgr.RemoveSpaceDeveloper, + AddUser: m.RoleMgr.AssociateSpaceDeveloper, Role: SPACE_DEVELOPER, }); err != nil { return errors.Wrap(err, fmt.Sprintf("Error syncing users for org %s, space %s, role %s", input.Org, input.Space, "developer")) @@ -552,8 +139,8 @@ func (m *DefaultManager) updateSpaceUsers(input *config.SpaceConfig) error { SamlUsers: input.Manager.SamlUsers, RemoveUsers: input.RemoveUsers, RoleUsers: managers, - RemoveUser: m.RemoveSpaceManager, - AddUser: m.AssociateSpaceManager, + RemoveUser: m.RoleMgr.RemoveSpaceManager, + AddUser: m.RoleMgr.AssociateSpaceManager, Role: SPACE_MANAGER, }); err != nil { return errors.Wrap(err, fmt.Sprintf("Error syncing users for org %s, space %s, role %s", input.Org, input.Space, "manager")) @@ -570,8 +157,8 @@ func (m *DefaultManager) updateSpaceUsers(input *config.SpaceConfig) error { SamlUsers: input.Auditor.SamlUsers, RemoveUsers: input.RemoveUsers, RoleUsers: auditors, - RemoveUser: m.RemoveSpaceAuditor, - AddUser: m.AssociateSpaceAuditor, + RemoveUser: m.RoleMgr.RemoveSpaceAuditor, + AddUser: m.RoleMgr.AssociateSpaceAuditor, Role: SPACE_AUDITOR, }); err != nil { return errors.Wrap(err, fmt.Sprintf("Error syncing users for org %s, space %s, role %s", input.Org, input.Space, "auditor")) @@ -588,8 +175,8 @@ func (m *DefaultManager) updateSpaceUsers(input *config.SpaceConfig) error { SamlUsers: input.Supporter.SamlUsers, RemoveUsers: input.RemoveUsers, RoleUsers: supporters, - RemoveUser: m.RemoveSpaceSupporter, - AddUser: m.AssociateSpaceSupporter, + RemoveUser: m.RoleMgr.RemoveSpaceSupporter, + AddUser: m.RoleMgr.AssociateSpaceSupporter, Role: SPACE_SUPPORTER, }); err != nil { return errors.Wrap(err, fmt.Sprintf("Error syncing users for org %s, space %s, role %s", input.Org, input.Space, "developer")) @@ -606,7 +193,7 @@ func (m *DefaultManager) updateSpaceUsers(input *config.SpaceConfig) error { // UpdateOrgUsers - func (m *DefaultManager) UpdateOrgUsers() []error { errs := []error{} - m.ClearRoles() + m.RoleMgr.ClearRoles() orgConfigs, err := m.Cfg.GetOrgConfigs() if err != nil { return []error{err} @@ -618,7 +205,6 @@ func (m *DefaultManager) UpdateOrgUsers() []error { } } - m.LogResults() return errs } @@ -628,7 +214,7 @@ func (m *DefaultManager) updateOrgUsers(input *config.OrgConfig) error { return err } - _, managers, billingManagers, auditors, err := m.ListOrgUsersByRole(org.GUID) + _, managers, billingManagers, auditors, err := m.RoleMgr.ListOrgUsersByRole(org.GUID) if err != nil { return err } @@ -642,8 +228,8 @@ func (m *DefaultManager) updateOrgUsers(input *config.OrgConfig) error { SamlUsers: input.BillingManager.SamlUsers, RemoveUsers: input.RemoveUsers, RoleUsers: billingManagers, - RemoveUser: m.RemoveOrgBillingManager, - AddUser: m.AssociateOrgBillingManager, + RemoveUser: m.RoleMgr.RemoveOrgBillingManager, + AddUser: m.RoleMgr.AssociateOrgBillingManager, Role: ORG_BILLING_MANAGER, }) if err != nil { @@ -659,8 +245,8 @@ func (m *DefaultManager) updateOrgUsers(input *config.OrgConfig) error { SamlUsers: input.Auditor.SamlUsers, RemoveUsers: input.RemoveUsers, RoleUsers: auditors, - RemoveUser: m.RemoveOrgAuditor, - AddUser: m.AssociateOrgAuditor, + RemoveUser: m.RoleMgr.RemoveOrgAuditor, + AddUser: m.RoleMgr.AssociateOrgAuditor, Role: ORG_AUDITOR, }) if err != nil { @@ -676,8 +262,8 @@ func (m *DefaultManager) updateOrgUsers(input *config.OrgConfig) error { SamlUsers: input.Manager.SamlUsers, RemoveUsers: input.RemoveUsers, RoleUsers: managers, - RemoveUser: m.RemoveOrgManager, - AddUser: m.AssociateOrgManager, + RemoveUser: m.RoleMgr.RemoveOrgManager, + AddUser: m.RoleMgr.AssociateOrgManager, Role: ORG_MANAGER, }) @@ -688,7 +274,7 @@ func (m *DefaultManager) updateOrgUsers(input *config.OrgConfig) error { return nil } -func (m *DefaultManager) dumpRoleUsers(message string, users []RoleUser) { +func (m *DefaultManager) dumpRoleUsers(message string, users []role.RoleUser) { level, logging := os.LookupEnv("LOG_LEVEL") if logging && strings.EqualFold(level, "DEBUG") { lo.G.Debugf("Begin %s", message) @@ -731,7 +317,7 @@ func (m *DefaultManager) SyncUsers(usersInput UsersInput) error { return nil } -func (m *DefaultManager) SyncInternalUsers(roleUsers *RoleUsers, usersInput UsersInput) error { +func (m *DefaultManager) SyncInternalUsers(roleUsers *role.RoleUsers, usersInput UsersInput) error { origin := "uaa" uaaUsers, err := m.GetUAAUsers() if err != nil { @@ -749,7 +335,7 @@ func (m *DefaultManager) SyncInternalUsers(roleUsers *RoleUsers, usersInput User return fmt.Errorf("unable to find user %s for origin %s", lowerUserID, origin) } m.dumpRoleUsers(fmt.Sprintf("Adding user [%s] with guid[%s] with origin [%s] as doesn't exist in users for %s/%s - Role %s", lowerUserID, user.GUID, origin, usersInput.OrgName, usersInput.SpaceName, usersInput.Role), roleUsers.Users()) - if err := usersInput.AddUser(usersInput, user.Username, user.GUID); err != nil { + if err := usersInput.AddUser(usersInput.OrgGUID, usersInput.EntityName(), usersInput.EntityGUID(), user.Username, user.GUID); err != nil { return errors.Wrap(err, fmt.Sprintf("adding user %s for origin %s", user.Username, origin)) } } else { @@ -759,7 +345,7 @@ func (m *DefaultManager) SyncInternalUsers(roleUsers *RoleUsers, usersInput User return nil } -func (m *DefaultManager) RemoveUsers(roleUsers *RoleUsers, usersInput UsersInput) error { +func (m *DefaultManager) RemoveUsers(roleUsers *role.RoleUsers, usersInput UsersInput) error { if usersInput.RemoveUsers { cfg, err := m.Cfg.GetGlobalConfig() if err != nil { @@ -772,7 +358,7 @@ func (m *DefaultManager) RemoveUsers(roleUsers *RoleUsers, usersInput UsersInput } for _, roleUser := range roleUsers.Users() { if !util.Matches(roleUser.UserName, protectedUsers) { - if err := usersInput.RemoveUser(usersInput, roleUser.UserName, roleUser.GUID); err != nil { + if err := usersInput.RemoveUser(usersInput.EntityName(), usersInput.EntityGUID(), roleUser.UserName, roleUser.GUID); err != nil { return errors.Wrap(err, fmt.Sprintf("error removing user %s", roleUser.UserName)) } } @@ -786,62 +372,3 @@ func (m *DefaultManager) RemoveUsers(roleUsers *RoleUsers, usersInput UsersInput } return nil } - -func (m *DefaultManager) InitializeLdap(ldapBindUser, ldapBindPassword, ldapServer string) error { - ldapConfig, err := m.Cfg.LdapConfig(ldapBindUser, ldapBindPassword, ldapServer) - if err != nil { - return err - } - m.LdapConfig = ldapConfig - if m.LdapConfig.Enabled { - ldapMgr, err := ldap.NewManager(ldapConfig) - if err != nil { - return err - } - m.LdapMgr = ldapMgr - } - return nil -} - -func (m *DefaultManager) DeinitializeLdap() error { - if m.LdapMgr != nil { - m.LdapMgr.Close() - } - return nil -} - -func (m *DefaultManager) GetOrgRoleGUID(orgGUID, userGUID, role string) (string, error) { - roles, err := m.Client.ListV3RolesByQuery(url.Values{ - "organization_guids": []string{orgGUID}, - "user_guids": []string{userGUID}, - "types": []string{role}, - }) - if err != nil { - return "", err - } - if len(roles) == 0 { - return "", fmt.Errorf("no role found for orgGUID: %s, userGUID: %s and types: %s", orgGUID, userGUID, role) - } - if len(roles) > 1 { - return "", fmt.Errorf("more than 1 role found for orgGUID: %s, userGUID: %s and types: %s", orgGUID, userGUID, role) - } - return roles[0].GUID, nil -} - -func (m *DefaultManager) GetSpaceRoleGUID(spaceGUID, userGUID, role string) (string, error) { - roles, err := m.Client.ListV3RolesByQuery(url.Values{ - "space_guids": []string{spaceGUID}, - "user_guids": []string{userGUID}, - "types": []string{role}, - }) - if err != nil { - return "", err - } - if len(roles) == 0 { - return "", fmt.Errorf("no role found for spaceGUID: %s, userGUID: %s and types: %s", spaceGUID, userGUID, role) - } - if len(roles) > 1 { - return "", fmt.Errorf("more than 1 role found for spaceGUID: %s, userGUID: %s and types: %s", spaceGUID, userGUID, role) - } - return roles[0].GUID, nil -} diff --git a/user/users_input.go b/user/users_input.go index 8698040e..f7444a2e 100644 --- a/user/users_input.go +++ b/user/users_input.go @@ -1,6 +1,11 @@ package user -import "strings" +import ( + "fmt" + "strings" + + "github.com/vmwarepivotallabs/cf-mgmt/role" +) // UsersInput type UsersInput struct { @@ -10,12 +15,26 @@ type UsersInput struct { SpaceName string OrgName string RemoveUsers bool - RoleUsers *RoleUsers - AddUser func(updateUserInput UsersInput, userName, userGUID string) error - RemoveUser func(updateUserInput UsersInput, userName, userGUID string) error + RoleUsers *role.RoleUsers + AddUser func(orgGUID, entityName, entityGUID, userName, userGUID string) error + RemoveUser func(entityName, entityGUID, userName, userGUID string) error Role string } +func (u *UsersInput) EntityName() string { + if u.SpaceGUID != "" { + return fmt.Sprintf("%s/%s", u.OrgName, u.SpaceName) + } + return u.OrgName +} + +func (u *UsersInput) EntityGUID() string { + if u.SpaceGUID != "" { + return u.SpaceGUID + } + return u.OrgGUID +} + func (u *UsersInput) UniqueUsers() []string { return uniqueSlice(u.Users) } diff --git a/user/users_test.go b/user/users_test.go index c9ed4614..b2862bf6 100644 --- a/user/users_test.go +++ b/user/users_test.go @@ -3,13 +3,14 @@ package user_test import ( "errors" - cfclient "github.com/cloudfoundry-community/go-cfclient" "github.com/cloudfoundry-community/go-cfclient/v3/resource" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/vmwarepivotallabs/cf-mgmt/config" configfakes "github.com/vmwarepivotallabs/cf-mgmt/config/fakes" orgfakes "github.com/vmwarepivotallabs/cf-mgmt/organizationreader/fakes" + "github.com/vmwarepivotallabs/cf-mgmt/role" + rolefakes "github.com/vmwarepivotallabs/cf-mgmt/role/fakes" spacefakes "github.com/vmwarepivotallabs/cf-mgmt/space/fakes" "github.com/vmwarepivotallabs/cf-mgmt/uaa" uaafakes "github.com/vmwarepivotallabs/cf-mgmt/uaa/fakes" @@ -20,133 +21,46 @@ import ( var _ = Describe("given UserSpaces", func() { var ( userManager *DefaultManager - client *fakes.FakeCFClient ldapFake *fakes.FakeLdapManager uaaFake *uaafakes.FakeManager fakeReader *configfakes.FakeReader spaceFake *spacefakes.FakeManager orgFake *orgfakes.FakeReader + roleMgrFake *rolefakes.FakeManager ) BeforeEach(func() { - client = new(fakes.FakeCFClient) ldapFake = new(fakes.FakeLdapManager) uaaFake = new(uaafakes.FakeManager) fakeReader = new(configfakes.FakeReader) spaceFake = new(spacefakes.FakeManager) orgFake = new(orgfakes.FakeReader) + roleMgrFake = new(rolefakes.FakeManager) }) Context("User Manager()", func() { BeforeEach(func() { userManager = &DefaultManager{ - Client: client, Cfg: fakeReader, UAAMgr: uaaFake, LdapMgr: ldapFake, SpaceMgr: spaceFake, OrgReader: orgFake, Peek: false, + RoleMgr: roleMgrFake, LdapConfig: &config.LdapConfig{Origin: "ldap"}, } fakeReader.GetGlobalConfigReturns(&config.GlobalConfig{}, nil) - }) - - Context("Success", func() { - It("Should succeed on RemoveSpaceAuditor", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - err := userManager.RemoveSpaceAuditor(UsersInput{SpaceGUID: "foo"}, "bar", "test-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).To(Equal("role-guid")) - }) - It("Should succeed on RemoveSpaceDeveloper", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - err := userManager.RemoveSpaceDeveloper(UsersInput{SpaceGUID: "foo"}, "bar", "test-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).To(Equal("role-guid")) - }) - It("Should succeed on RemoveSpaceManager", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - err := userManager.RemoveSpaceManager(UsersInput{SpaceGUID: "foo"}, "bar", "test-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).To(Equal("role-guid")) - }) - - It("Should succeed on AssociateSpaceAuditor", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateSpaceAuditor(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(1)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - spaceGUID, userGUID, roleType := client.CreateV3SpaceRoleArgsForCall(0) - Expect(spaceGUID).To(Equal("spaceGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(roleType).Should(Equal(SPACE_AUDITOR)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - - It("Should succeed on AssociateSpaceDeveloper", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateSpaceDeveloper(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(1)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - spaceGUID, userGUID, roleType := client.CreateV3SpaceRoleArgsForCall(0) - Expect(spaceGUID).To(Equal("spaceGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(roleType).Should(Equal(SPACE_DEVELOPER)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - - It("Should succeed on AssociateSpaceManager", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateSpaceManager(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(1)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) + roleMgrFake.ListOrgUsersByRoleReturns(role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), nil) + roleMgrFake.ListSpaceUsersByRoleReturns(role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), role.InitRoleUsers(), nil) }) Context("SyncInternalUsers", func() { - var roleUsers *RoleUsers + var roleUsers *role.RoleUsers BeforeEach(func() { uaaUsers := &uaa.Users{} uaaUsers.Add(uaa.User{Username: "test", Origin: "uaa", GUID: "test-user-guid"}) uaaUsers.Add(uaa.User{Username: "test-existing", Origin: "uaa", GUID: "test-existing-id"}) - roleUsers, _ = NewRoleUsers([]cfclient.V3User{ + roleUsers, _ = role.NewRoleUsers([]*resource.User{ {Username: "test-existing", GUID: "test-existing-id"}, }, uaaUsers) @@ -157,21 +71,19 @@ var _ = Describe("given UserSpaces", func() { Users: []string{"test"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + SpaceName: "spaceName", + OrgName: "orgName", + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } err := userManager.SyncInternalUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) + orgGUID, spaceName, spaceGUID, userName, userGUID := roleMgrFake.AssociateSpaceAuditorArgsForCall(0) Expect(orgGUID).Should(Equal("org_guid")) - Expect(userGUID).Should(Equal("test-user-guid")) - Expect(role).Should(Equal(ORG_USER)) - - spaceGUID, userGUID, roleType := client.CreateV3SpaceRoleArgsForCall(0) + Expect(spaceName).Should(Equal("orgName/spaceName")) Expect(spaceGUID).Should(Equal("space_guid")) + Expect(userName).Should(Equal("test")) Expect(userGUID).Should(Equal("test-user-guid")) - Expect(roleType).Should(Equal(SPACE_AUDITOR)) - }) It("Should not add existing internal user to role", func() { @@ -179,21 +91,20 @@ var _ = Describe("given UserSpaces", func() { Users: []string{"test-existing"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } err := userManager.SyncInternalUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(0)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(0)) }) It("Should error when user doesn't exist in uaa", func() { updateUsersInput := UsersInput{ Users: []string{"test2"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } err := userManager.SyncInternalUsers(roleUsers, updateUsersInput) Expect(err).Should(HaveOccurred()) @@ -205,24 +116,23 @@ var _ = Describe("given UserSpaces", func() { Users: []string{"test"}, SpaceGUID: "space_guid", OrgGUID: "org_guid", - AddUser: userManager.AssociateSpaceAuditor, - RoleUsers: InitRoleUsers(), + AddUser: roleMgrFake.AssociateSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) + roleMgrFake.AssociateSpaceAuditorReturns(errors.New("error")) err := userManager.SyncInternalUsers(roleUsers, updateUsersInput) Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).Should(Equal(1)) - Expect(client.CreateV3SpaceRoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.AssociateSpaceAuditorCallCount()).Should(Equal(1)) }) }) Context("Remove Users", func() { - var roleUsers *RoleUsers + var roleUsers *role.RoleUsers BeforeEach(func() { uaaUsers := &uaa.Users{} uaaUsers.Add(uaa.User{Username: "test", Origin: "uaa", GUID: "test-id"}) - roleUsers, _ = NewRoleUsers([]cfclient.V3User{ + roleUsers, _ = role.NewRoleUsers([]*resource.User{ {Username: "test", GUID: "test-id"}, }, uaaUsers) }) @@ -230,20 +140,23 @@ var _ = Describe("given UserSpaces", func() { It("Should remove users", func() { updateUsersInput := UsersInput{ RemoveUsers: true, + OrgName: "orgName", + SpaceName: "spaceName", SpaceGUID: "space_guid", OrgGUID: "org_guid", - RemoveUser: userManager.RemoveSpaceAuditor, - RoleUsers: InitRoleUsers(), + RemoveUser: roleMgrFake.RemoveSpaceAuditor, + RoleUsers: role.InitRoleUsers(), + Role: "auditor", } - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) err := userManager.RemoveUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).Should(Equal(1)) + Expect(roleMgrFake.RemoveSpaceAuditorCallCount()).Should(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).Should(Equal("role-guid")) + spaceName, spaceGUID, userName, userGUID := roleMgrFake.RemoveSpaceAuditorArgsForCall(0) + Expect(spaceName).Should(Equal("orgName/spaceName")) + Expect(spaceGUID).Should(Equal("space_guid")) + Expect(userName).Should(Equal("test")) + Expect(userGUID).Should(Equal("test-id")) }) It("Should not remove users", func() { @@ -251,27 +164,27 @@ var _ = Describe("given UserSpaces", func() { RemoveUsers: false, SpaceGUID: "space_guid", OrgGUID: "org_guid", - RemoveUser: userManager.RemoveSpaceAuditor, - RoleUsers: InitRoleUsers(), + RemoveUser: roleMgrFake.RemoveSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } err := userManager.RemoveUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.RemoveSpaceAuditorCallCount()).Should(Equal(0)) }) It("Should skip users that match protected user pattern", func() { uaaUsers := &uaa.Users{} uaaUsers.Add(uaa.User{Username: "abcd_123_0919191", Origin: "uaa", GUID: "test-id"}) - roleUsers, _ = NewRoleUsers([]cfclient.V3User{ + roleUsers, _ = role.NewRoleUsers([]*resource.User{ {Username: "abcd_123_0919191", GUID: "test-id"}, }, uaaUsers) updateUsersInput := UsersInput{ RemoveUsers: true, SpaceGUID: "space_guid", OrgGUID: "org_guid", - RemoveUser: userManager.RemoveSpaceAuditor, - RoleUsers: InitRoleUsers(), + RemoveUser: roleMgrFake.RemoveSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } fakeReader.GetGlobalConfigReturns(&config.GlobalConfig{ @@ -280,449 +193,21 @@ var _ = Describe("given UserSpaces", func() { err := userManager.RemoveUsers(roleUsers, updateUsersInput) Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).Should(Equal(0)) + Expect(roleMgrFake.RemoveSpaceAuditorCallCount()).Should(Equal(0)) }) It("Should return error", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) updateUsersInput := UsersInput{ RemoveUsers: true, SpaceGUID: "space_guid", OrgGUID: "org_guid", - RemoveUser: userManager.RemoveSpaceAuditor, - RoleUsers: InitRoleUsers(), + RemoveUser: roleMgrFake.RemoveSpaceAuditor, + RoleUsers: role.InitRoleUsers(), } - client.DeleteV3RoleReturns(errors.New("error")) + roleMgrFake.RemoveSpaceAuditorReturns(errors.New("error")) err := userManager.RemoveUsers(roleUsers, updateUsersInput) Expect(err).Should(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).Should(Equal(1)) - }) - }) - - Context("Peek", func() { - BeforeEach(func() { - userManager = &DefaultManager{ - Client: client, - Cfg: nil, - UAAMgr: nil, - LdapMgr: nil, - Peek: true} - }) - It("Should succeed on RemoveSpaceAuditor", func() { - err := userManager.RemoveSpaceAuditor(UsersInput{SpaceGUID: "foo"}, "bar", "uaa") - Expect(err).NotTo(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(0)) - }) - It("Should succeed on RemoveSpaceDeveloper", func() { - err := userManager.RemoveSpaceDeveloper(UsersInput{SpaceGUID: "foo"}, "bar", "uaa") - Expect(err).NotTo(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(0)) - }) - It("Should succeed on RemoveSpaceManager", func() { - err := userManager.RemoveSpaceManager(UsersInput{SpaceGUID: "foo"}, "bar", "uaa") - Expect(err).NotTo(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(0)) - }) - It("Should succeed on AssociateSpaceAuditor", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateSpaceAuditor(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(0)) - }) - It("Should succeed on AssociateSpaceDeveloper", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateSpaceDeveloper(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(0)) - }) - It("Should succeed on AssociateSpaceManager", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateSpaceManager(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(0)) - }) - }) - Context("Error", func() { - It("Should error on RemoveSpaceAuditor", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - client.DeleteV3RoleReturns(errors.New("error")) - err := userManager.RemoveSpaceAuditor(UsersInput{SpaceGUID: "foo"}, "bar", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).To(Equal("role-guid")) - }) - It("Should error on RemoveSpaceDeveloper", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - client.DeleteV3RoleReturns(errors.New("error")) - err := userManager.RemoveSpaceDeveloper(UsersInput{SpaceGUID: "foo"}, "bar", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).To(Equal("role-guid")) - }) - It("Should error on RemoveSpaceManager", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - client.DeleteV3RoleReturns(errors.New("error")) - err := userManager.RemoveSpaceManager(UsersInput{SpaceGUID: "foo"}, "bar", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).To(Equal("role-guid")) - }) - It("Should error on AssociateSpaceAuditor", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateSpaceAuditor(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(1)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - }) - It("Should error on AssociateSpaceAuditor", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateSpaceAuditor(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - }) - It("Should error on AssociateSpaceDeveloper", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateSpaceDeveloper(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(1)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - }) - It("Should error on AssociateSpaceDeveloper", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateSpaceDeveloper(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - }) - It("Should error on AssociateSpaceManager", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateSpaceManager(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(1)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - }) - It("Should error on AssociateSpaceManager", func() { - client.CreateV3SpaceRoleReturns(&cfclient.V3Role{}, nil) - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateSpaceManager(UsersInput{ - OrgGUID: "orgGUID", - SpaceGUID: "spaceGUID", - RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3SpaceRoleCallCount()).To(Equal(0)) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - }) - }) - Context("AddUserToOrg", func() { - It("should associate user", func() { - err := userManager.AddUserToOrg("test-org-guid", "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).Should(Equal("test-org-guid")) - Expect(userGUID).Should(Equal("test-user-guid")) - Expect(role).To(Equal(ORG_USER)) - - }) - - It("should peek", func() { - userManager.Peek = true - err := userManager.AddUserToOrg("test-org-guid", "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(0)) - }) - - It("should error", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AddUserToOrg("test-org-guid", "test", "test-user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).Should(Equal("test-org-guid")) - Expect(userGUID).Should(Equal("test-user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - }) - Context("RemoveOrgAuditor", func() { - It("should succeed", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - err := userManager.RemoveOrgAuditor(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).Should(Equal("role-guid")) - }) - - It("should peek", func() { - userManager.Peek = true - err := userManager.RemoveOrgAuditor(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(0)) - }) - - It("should error", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - client.DeleteV3RoleReturns(errors.New("error")) - err := userManager.RemoveOrgAuditor(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).Should(Equal("role-guid")) - }) - }) - - Context("RemoveOrgBillingManager", func() { - It("should succeed", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - err := userManager.RemoveOrgBillingManager(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).Should(Equal("role-guid")) - }) - - It("should peek", func() { - userManager.Peek = true - err := userManager.RemoveOrgBillingManager(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(0)) - }) - - It("should error", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - client.DeleteV3RoleReturns(errors.New("error")) - err := userManager.RemoveOrgBillingManager(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).Should(Equal("role-guid")) - }) - }) - - Context("RemoveOrgManager", func() { - It("should succeed", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - err := userManager.RemoveOrgManager(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).Should(Equal("role-guid")) - }) - - It("should peek", func() { - userManager.Peek = true - err := userManager.RemoveOrgManager(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).ShouldNot(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(0)) - }) - - It("should error", func() { - client.ListV3RolesByQueryReturns([]cfclient.V3Role{ - {GUID: "role-guid"}, - }, nil) - client.DeleteV3RoleReturns(errors.New("error")) - err := userManager.RemoveOrgManager(UsersInput{OrgGUID: "test-org-guid", RoleUsers: InitRoleUsers()}, "test", "test-user-guid") - Expect(err).Should(HaveOccurred()) - Expect(client.DeleteV3RoleCallCount()).To(Equal(1)) - roleGUID := client.DeleteV3RoleArgsForCall(0) - Expect(roleGUID).Should(Equal("role-guid")) - }) - }) - - Context("AssociateOrgAuditor", func() { - It("Should succeed", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateOrgAuditor(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(2)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - - orgGUID, userGUID, role = client.CreateV3OrganizationRoleArgsForCall(1) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_AUDITOR)) - }) - - It("Should fail", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateOrgAuditor(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).To(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - It("Should fail", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateOrgAuditor(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).To(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - - It("Should peek", func() { - userManager.Peek = true - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateOrgAuditor(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(0)) - }) - }) - Context("AssociateOrgBillingManager", func() { - It("Should succeed", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateOrgBillingManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(2)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - - orgGUID, userGUID, role = client.CreateV3OrganizationRoleArgsForCall(1) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_BILLING_MANAGER)) - }) - - It("Should fail", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateOrgBillingManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).To(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - - It("Should fail", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateOrgBillingManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).To(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - - It("Should peek", func() { - userManager.Peek = true - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateOrgBillingManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(0)) - }) - }) - - Context("AssociateOrgManager", func() { - It("Should succeed", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateOrgManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(2)) - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - - orgGUID, userGUID, role = client.CreateV3OrganizationRoleArgsForCall(1) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_MANAGER)) - }) - - It("Should fail", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateOrgManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).To(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - It("Should fail", func() { - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, errors.New("error")) - err := userManager.AssociateOrgManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).To(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(1)) - - orgGUID, userGUID, role := client.CreateV3OrganizationRoleArgsForCall(0) - Expect(orgGUID).To(Equal("orgGUID")) - Expect(userGUID).To(Equal("user-guid")) - Expect(role).To(Equal(ORG_USER)) - }) - - It("Should peek", func() { - userManager.Peek = true - client.CreateV3OrganizationRoleReturns(&cfclient.V3Role{}, nil) - err := userManager.AssociateOrgManager(UsersInput{OrgGUID: "orgGUID", RoleUsers: InitRoleUsers()}, "userName", "user-guid") - Expect(err).NotTo(HaveOccurred()) - Expect(client.CreateV3OrganizationRoleCallCount()).To(Equal(0)) + Expect(roleMgrFake.RemoveSpaceAuditorCallCount()).Should(Equal(1)) }) })