initial commit

internal/permissions/roles.go

@@ -0,0 +1,82 @@
+package permissions
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	"go.infratographer.com/x/gidx"
+	"golang.org/x/exp/slices"
+)
+
+type ResourceRoleCreate struct {
+	Actions []string `json:"actions"`
+}
+
+type ResourceRoleCreateResponse struct {
+	ID string `json:"id"`
+}
+
+type ResourceRoles []ResourceRole
+
+type ResourceRole struct {
+	ID      gidx.PrefixedID `json:"id"`
+	Actions []string        `json:"actions"`
+}
+
+func (c *Client) CreateRole(ctx context.Context, resourceID gidx.PrefixedID, actions []string) (gidx.PrefixedID, error) {
+	path := fmt.Sprintf("/api/v1/resources/%s/roles", resourceID.String())
+
+	body, err := encodeJSON(ResourceRoleCreate{
+		Actions: actions,
+	})
+	if err != nil {
+		return gidx.NullPrefixedID, err
+	}
+
+	var response ResourceRoleCreateResponse
+
+	if _, err = c.DoRequest(ctx, http.MethodPost, path, body, &response); err != nil {
+		return gidx.NullPrefixedID, err
+	}
+
+	roleID, err := gidx.Parse(response.ID)
+	if err != nil {
+		return gidx.NullPrefixedID, err
+	}
+
+	return roleID, nil
+}
+
+func (c *Client) ListResourceRoles(ctx context.Context, resourceID gidx.PrefixedID) (ResourceRoles, error) {
+	path := fmt.Sprintf("/api/v1/resources/%s/roles", resourceID.String())
+
+	var response ResourceRoles
+
+	if _, err := c.DoRequest(ctx, http.MethodGet, path, nil, &response); err != nil {
+		return nil, err
+	}
+
+	return response, nil
+}
+
+func (c *Client) FindResourceRoleByActions(ctx context.Context, resourceID gidx.PrefixedID, actions []string) (ResourceRole, error) {
+	roles, err := c.ListResourceRoles(ctx, resourceID)
+	if err != nil {
+		return ResourceRole{}, err
+	}
+
+	slices.Sort(actions)
+
+	for _, role := range roles {
+		roleActions := role.Actions
+
+		slices.Sort(roleActions)
+
+		if slices.Equal(actions, roleActions) {
+			return role, nil
+		}
+	}
+
+	return ResourceRole{}, ErrRoleNotFound
+}