initial commit

internal/permissions/assignments.go

@@ -0,0 +1,84 @@
+package permissions
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	"go.infratographer.com/x/gidx"
+)
+
+type RoleAssign struct {
+	SubjectID string `json:"subject_id"`
+}
+
+type RoleAssignResponse struct {
+	Success bool `json:"success"`
+}
+
+type roleAssignmentData struct {
+	Data []struct {
+		SubjectID string `json:"subject_id"`
+	} `json:"data"`
+}
+
+func (c *Client) AssignRole(ctx context.Context, roleID gidx.PrefixedID, memberID gidx.PrefixedID) error {
+	path := fmt.Sprintf("/api/v1/roles/%s/assignments", roleID.String())
+
+	body, err := encodeJSON(RoleAssign{
+		SubjectID: memberID.String(),
+	})
+	if err != nil {
+		return err
+	}
+
+	var response RoleAssignResponse
+
+	if _, err = c.DoRequest(ctx, http.MethodPost, path, body, &response); err != nil {
+		return err
+	}
+
+	if !response.Success {
+		return ErrAssignmentFailed
+	}
+
+	return nil
+}
+
+func (c *Client) ListRoleAssignments(ctx context.Context, roleID gidx.PrefixedID) ([]gidx.PrefixedID, error) {
+	path := fmt.Sprintf("/api/v1/roles/%s/assignments", roleID.String())
+
+	var response roleAssignmentData
+
+	if _, err := c.DoRequest(ctx, http.MethodGet, path, nil, &response); err != nil {
+		return nil, err
+	}
+
+	assignments := make([]gidx.PrefixedID, len(response.Data))
+
+	for i, assignment := range response.Data {
+		id, err := gidx.Parse(assignment.SubjectID)
+		if err != nil {
+			return nil, fmt.Errorf("%w: failed parsing id %s", err, assignment.SubjectID)
+		}
+
+		assignments[i] = id
+	}
+
+	return assignments, nil
+}
+
+func (c *Client) RoleHasAssignment(ctx context.Context, roleID gidx.PrefixedID, memberID gidx.PrefixedID) (bool, error) {
+	assignments, err := c.ListRoleAssignments(ctx, roleID)
+	if err != nil {
+		return false, err
+	}
+
+	for _, assignment := range assignments {
+		if assignment == memberID {
+			return true, nil
+		}
+	}
+
+	return false, nil
+}