2023-07-18 21:30:46 +02:00
|
|
|
package sdk
|
|
|
|
|
|
|
|
import (
|
|
|
|
httptransport "github.com/go-openapi/runtime/client"
|
|
|
|
"github.com/openziti/zrok/environment/env_core"
|
|
|
|
"github.com/openziti/zrok/rest_client_zrok/share"
|
|
|
|
"github.com/openziti/zrok/rest_model_zrok"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
)
|
|
|
|
|
|
|
|
func CreateAccess(root env_core.Root, request *AccessRequest) (*Access, error) {
|
2023-07-26 22:25:52 +02:00
|
|
|
if !root.IsEnabled() {
|
|
|
|
return nil, errors.New("environment is not enabled; enable with 'zrok enable' first!")
|
|
|
|
}
|
|
|
|
|
2023-07-18 21:30:46 +02:00
|
|
|
out := share.NewAccessParams()
|
|
|
|
out.Body = &rest_model_zrok.AccessRequest{
|
|
|
|
ShrToken: request.ShareToken,
|
2023-07-26 22:19:16 +02:00
|
|
|
EnvZID: root.Environment().ZitiIdentity,
|
2023-07-18 21:30:46 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
zrok, err := root.Client()
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrap(err, "error getting zrok client")
|
|
|
|
}
|
|
|
|
auth := httptransport.APIKeyAuth("X-TOKEN", "header", root.Environment().Token)
|
|
|
|
|
|
|
|
in, err := zrok.Share.Access(out, auth)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrap(err, "unable to create access")
|
|
|
|
}
|
|
|
|
|
|
|
|
return &Access{Token: in.Payload.FrontendToken, ShareToken: request.ShareToken, BackendMode: BackendMode(in.Payload.BackendMode)}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func DeleteAccess(root env_core.Root, acc *Access) error {
|
|
|
|
out := share.NewUnaccessParams()
|
|
|
|
out.Body = &rest_model_zrok.UnaccessRequest{
|
|
|
|
FrontendToken: acc.Token,
|
|
|
|
ShrToken: acc.ShareToken,
|
|
|
|
EnvZID: root.Environment().ZitiIdentity,
|
|
|
|
}
|
|
|
|
|
|
|
|
zrok, err := root.Client()
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "error getting zrok client")
|
|
|
|
}
|
|
|
|
auth := httptransport.APIKeyAuth("X-TOKEN", "header", root.Environment().Token)
|
|
|
|
|
|
|
|
_, err = zrok.Share.Unaccess(out, auth)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "error deleting access")
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|