mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
b9e6a84f24
#11089 - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - [X] Documented any permissions changes - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - [x] Added/updated tests - [X] Manual QA for all new/changed functionality - ~For Orbit and Fleet Desktop changes:~ - ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux.~ - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
78 lines
2.2 KiB
Go
78 lines
2.2 KiB
Go
package service
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
|
|
"github.com/fleetdm/fleet/v4/server/fleet"
|
|
)
|
|
|
|
// CreateUser creates a new user, skipping the invitation process.
|
|
func (c *Client) CreateUser(p fleet.UserPayload) error {
|
|
verb, path := "POST", "/api/latest/fleet/users/admin"
|
|
var responseBody createUserResponse
|
|
|
|
return c.authenticatedRequest(p, verb, path, &responseBody)
|
|
}
|
|
|
|
// ListUsers retrieves the list of users.
|
|
func (c *Client) ListUsers() ([]fleet.User, error) {
|
|
verb, path := "GET", "/api/latest/fleet/users"
|
|
var responseBody listUsersResponse
|
|
|
|
err := c.authenticatedRequest(nil, verb, path, &responseBody)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return responseBody.Users, nil
|
|
}
|
|
|
|
// ApplyUsersRoleSecretSpec applies the global and team roles for users.
|
|
func (c *Client) ApplyUsersRoleSecretSpec(spec *fleet.UsersRoleSpec) error {
|
|
req := applyUserRoleSpecsRequest{Spec: spec}
|
|
verb, path := "POST", "/api/latest/fleet/users/roles/spec"
|
|
var responseBody applyUserRoleSpecsResponse
|
|
return c.authenticatedRequest(req, verb, path, &responseBody)
|
|
}
|
|
|
|
func (c *Client) userIdFromEmail(email string) (uint, error) {
|
|
verb, path := "POST", "/api/latest/fleet/translate"
|
|
var responseBody translatorResponse
|
|
|
|
params := translatorRequest{List: []fleet.TranslatePayload{
|
|
{
|
|
Type: fleet.TranslatorTypeUserEmail,
|
|
Payload: fleet.StringIdentifierToIDPayload{Identifier: email},
|
|
},
|
|
}}
|
|
|
|
err := c.authenticatedRequest(¶ms, verb, path, &responseBody)
|
|
if err != nil {
|
|
return 0, err
|
|
}
|
|
if len(responseBody.List) != 1 {
|
|
return 0, errors.New("Expected 1 item translated, got none")
|
|
}
|
|
return responseBody.List[0].Payload.ID, nil
|
|
}
|
|
|
|
// DeleteUser deletes the user specified by the email
|
|
func (c *Client) DeleteUser(email string) error {
|
|
userID, err := c.userIdFromEmail(email)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
verb, path := "DELETE", fmt.Sprintf("/api/latest/fleet/users/%d", userID)
|
|
var responseBody deleteUserResponse
|
|
return c.authenticatedRequest(nil, verb, path, &responseBody)
|
|
}
|
|
|
|
// Me returns the user associated with the current session.
|
|
func (c *Client) Me() (*fleet.User, error) {
|
|
verb, path := "GET", "/api/latest/fleet/me"
|
|
var responseBody getUserResponse
|
|
err := c.authenticatedRequest(nil, verb, path, &responseBody)
|
|
return responseBody.User, err
|
|
}
|