Documentation
¶
Overview ¶
Package user manages user accounts and their team membership.
Index ¶
- Constants
- Variables
- func NewTeamMembershipCommand(apiclient *otfapi.Client) *cobra.Command
- func NewUserCommand(apiClient *otfapi.Client) *cobra.Command
- type CreateUserOptions
- type CreateUserTokenOptions
- type NewUserOption
- type Options
- type Service
- func (a *Service) AddHandlers(r *mux.Router)
- func (a *Service) AddTeamMembership(ctx context.Context, teamID string, usernames []string) error
- func (a *Service) Create(ctx context.Context, username string, opts ...NewUserOption) (*User, error)
- func (a *Service) CreateToken(ctx context.Context, opts CreateUserTokenOptions) (*UserToken, []byte, error)
- func (a *Service) Delete(ctx context.Context, username string) error
- func (a *Service) DeleteToken(ctx context.Context, tokenID string) error
- func (a *Service) GetUser(ctx context.Context, spec UserSpec) (*User, error)
- func (a *Service) List(ctx context.Context) ([]*User, error)
- func (a *Service) ListOrganizationUsers(ctx context.Context, organization string) ([]*User, error)
- func (a *Service) ListTeamUsers(ctx context.Context, teamID string) ([]*User, error)
- func (a *Service) ListTokens(ctx context.Context) ([]*UserToken, error)
- func (f Service) NewUserToken(username string, opts CreateUserTokenOptions) (*UserToken, []byte, error)
- func (a *Service) RemoveTeamMembership(ctx context.Context, teamID string, usernames []string) error
- func (a *Service) SetSiteAdmins(ctx context.Context, usernames ...string) error
- type User
- func (u *User) CanAccessOrganization(action rbac.Action, org string) bool
- func (u *User) CanAccessSite(action rbac.Action) bool
- func (u *User) CanAccessTeam(action rbac.Action, teamID string) bool
- func (u *User) CanAccessWorkspace(action rbac.Action, policy internal.WorkspacePolicy) bool
- func (u *User) IsOwner(organization string) bool
- func (u *User) IsSiteAdmin() bool
- func (u *User) IsTeamMember(teamID string) bool
- func (u *User) Organizations() []string
- func (u *User) String() string
- type UserListOptions
- type UserSpec
- type UserToken
Constants ¶
const ( SiteAdminID = "user-site-admin" SiteAdminUsername = "site-admin" )
const UserTokenKind tokens.Kind = "user_token"
Variables ¶
var ErrCannotDeleteOnlyOwner = errors.New("cannot remove the last owner")
var (
SiteAdmin = User{ID: SiteAdminID, Username: SiteAdminUsername}
)
Functions ¶
Types ¶
type CreateUserOptions ¶
type CreateUserOptions struct {
Username string `json:"username"`
}
type CreateUserTokenOptions ¶
type CreateUserTokenOptions struct {
Description string
}
CreateUserTokenOptions are options for creating a user token via the service endpoint
type NewUserOption ¶
type NewUserOption func(*User)
func WithTeams ¶
func WithTeams(memberships ...*team.Team) NewUserOption
type Service ¶
func NewService ¶
func (*Service) AddHandlers ¶
func (*Service) AddTeamMembership ¶
AddTeamMembership adds users to a team. If a user does not exist then the user is created first.
func (*Service) CreateToken ¶
func (a *Service) CreateToken(ctx context.Context, opts CreateUserTokenOptions) (*UserToken, []byte, error)
CreateToken creates a user token. Only users can create a user token, and they can only create a token for themselves.
func (*Service) DeleteToken ¶
func (*Service) ListOrganizationUsers ¶
ListOrganizationUsers lists an organization's users
func (*Service) ListTeamUsers ¶
ListTeamUsers lists users that are members of the given team. The caller needs either organization-wide authority to call this endpoint, or they need to be a member of the team.
func (*Service) ListTokens ¶
func (Service) NewUserToken ¶
func (f Service) NewUserToken(username string, opts CreateUserTokenOptions) (*UserToken, []byte, error)
func (*Service) RemoveTeamMembership ¶
func (a *Service) RemoveTeamMembership(ctx context.Context, teamID string, usernames []string) error
RemoveTeamMembership removes users from a team.
func (*Service) SetSiteAdmins ¶
SetSiteAdmins authoritatively promotes users with the given usernames to site admins. If no such users exist then they are created. Any unspecified users that are currently site admins are demoted.
type User ¶
type User struct {
ID string `jsonapi:"primary,users"`
CreatedAt time.Time `jsonapi:"attribute" json:"created-at"`
UpdatedAt time.Time `jsonapi:"attribute" json:"updated-at"`
SiteAdmin bool `jsonapi:"attribute" json:"site-admin"`
// username is globally unique
Username string `jsonapi:"attribute" json:"username"`
// user belongs to many teams
Teams []*team.Team
}
User represents an OTF user account.
func NewUser ¶
func NewUser(username string, opts ...NewUserOption) *User
func UserFromContext ¶
UserFromContext retrieves a user from a context
func (*User) CanAccessOrganization ¶
func (*User) CanAccessWorkspace ¶
func (*User) IsSiteAdmin ¶
IsSiteAdmin determines whether user is a site admin. A user is a site admin in either of two cases: (1) their account has been promoted to site admin (think sudo) (2) the account is *the* site admin (think root)
func (*User) IsTeamMember ¶
IsTeamMember determines whether user is a member of the given team.
func (*User) Organizations ¶
Organizations returns the user's membership of organizations (indirectly via their membership of teams).
NOTE: always returns a non-nil slice
type UserListOptions ¶
UserListOptions are options for the ListUsers endpoint.
Source Files