From 04bcf3cb35f1b97f93523b5b2bcd24bbd24d9b14 Mon Sep 17 00:00:00 2001 From: Armon Dadgar Date: Thu, 24 Aug 2017 17:26:13 -0700 Subject: [PATCH] api: full CRUD for ACL token API --- api/acl.go | 52 +++++++++++++++++++++++++++++++++ api/acl_test.go | 78 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) diff --git a/api/acl.go b/api/acl.go index 9090ff941..bac698237 100644 --- a/api/acl.go +++ b/api/acl.go @@ -92,6 +92,58 @@ func (a *ACLTokens) List(q *QueryOptions) ([]*ACLTokenListStub, *QueryMeta, erro return resp, qm, nil } +// Create is used to create a token +func (a *ACLTokens) Create(token *ACLToken, q *WriteOptions) (*ACLToken, *WriteMeta, error) { + if token.AccessorID != "" { + return nil, nil, fmt.Errorf("cannot specify Accessor ID") + } + var resp ACLToken + wm, err := a.client.write("/v1/acl/token", token, &resp, q) + if err != nil { + return nil, nil, err + } + return &resp, wm, nil +} + +// Update is used to update an existing token +func (a *ACLTokens) Update(token *ACLToken, q *WriteOptions) (*ACLToken, *WriteMeta, error) { + if token.AccessorID == "" { + return nil, nil, fmt.Errorf("missing accessor ID") + } + var resp ACLToken + wm, err := a.client.write("/v1/acl/token/"+token.AccessorID, + token, &resp, q) + if err != nil { + return nil, nil, err + } + return &resp, wm, nil +} + +// Delete is used to delete a token +func (a *ACLTokens) Delete(accessorID string, q *WriteOptions) (*WriteMeta, error) { + if accessorID == "" { + return nil, fmt.Errorf("missing accessor ID") + } + wm, err := a.client.delete("/v1/acl/token/"+accessorID, nil, q) + if err != nil { + return nil, err + } + return wm, nil +} + +// Info is used to query a token +func (a *ACLTokens) Info(accessorID string, q *QueryOptions) (*ACLToken, *QueryMeta, error) { + if accessorID == "" { + return nil, nil, fmt.Errorf("missing accessor ID") + } + var resp ACLToken + wm, err := a.client.query("/v1/acl/token/"+accessorID, &resp, q) + if err != nil { + return nil, nil, err + } + return &resp, wm, nil +} + // ACLPolicyListStub is used to for listing ACL policies type ACLPolicyListStub struct { Name string diff --git a/api/acl_test.go b/api/acl_test.go index ba4b72be1..b987486ef 100644 --- a/api/acl_test.go +++ b/api/acl_test.go @@ -127,3 +127,81 @@ func TestACLTokens_List(t *testing.T) { t.Fatalf("expected 1 token, got: %d", n) } } + +func TestACLTokens_CreateUpdate(t *testing.T) { + t.Parallel() + c, s, _ := makeACLClient(t, nil, nil) + defer s.Stop() + at := c.ACLTokens() + + token := &ACLToken{ + Name: "foo", + Type: "client", + Policies: []string{"foo1"}, + } + + // Create the token + out, wm, err := at.Create(token, nil) + assert.Nil(t, err) + assertWriteMeta(t, wm) + assert.NotNil(t, out) + + // Update the token + out.Name = "other" + out2, wm, err := at.Update(out, nil) + assert.Nil(t, err) + assertWriteMeta(t, wm) + assert.NotNil(t, out2) + + // Verify the change took hold + assert.Equal(t, out.Name, out2.Name) +} + +func TestACLTokens_Info(t *testing.T) { + t.Parallel() + c, s, _ := makeACLClient(t, nil, nil) + defer s.Stop() + at := c.ACLTokens() + + token := &ACLToken{ + Name: "foo", + Type: "client", + Policies: []string{"foo1"}, + } + + // Create the token + out, wm, err := at.Create(token, nil) + assert.Nil(t, err) + assertWriteMeta(t, wm) + assert.NotNil(t, out) + + // Query the token + out2, qm, err := at.Info(out.AccessorID, nil) + assert.Nil(t, err) + assertQueryMeta(t, qm) + assert.Equal(t, out, out2) +} + +func TestACLTokens_Delete(t *testing.T) { + t.Parallel() + c, s, _ := makeACLClient(t, nil, nil) + defer s.Stop() + at := c.ACLTokens() + + token := &ACLToken{ + Name: "foo", + Type: "client", + Policies: []string{"foo1"}, + } + + // Create the token + out, wm, err := at.Create(token, nil) + assert.Nil(t, err) + assertWriteMeta(t, wm) + assert.NotNil(t, out) + + // Delete the token + wm, err = at.Delete(out.AccessorID, nil) + assert.Nil(t, err) + assertWriteMeta(t, wm) +}