From d3f9cd39978598858333eecffac621dfd67619dd Mon Sep 17 00:00:00 2001 From: mshneorson Date: Tue, 30 Aug 2022 17:33:30 +0300 Subject: [PATCH] 1. add copyright notice 2. generating the code with go 1.19 Signed-off-by: mshneorson --- clients/go/zms/model.go | 226 -------- clients/go/zms/zms_schema.go | 2 +- clients/go/zts/model.go | 502 ------------------ .../java/com/yahoo/athenz/zms/ZMSSchema.java | 2 +- core/zms/src/main/rdl/Domain.rdli | 2 +- .../yahoo/athenz/zms/ExpiredMembersTest.java | 16 + .../yahoo/athenz/zms/ExpiryMemberTest.java | 16 + .../java/com/yahoo/athenz/zms/DBService.java | 2 +- .../java/com/yahoo/athenz/zms/ZMSConsts.java | 2 +- .../com/yahoo/athenz/zms/ZMSResources.java | 2 +- .../athenz/zms/purge/PurgeResourcesEnum.java | 18 + .../zms/store/impl/jdbc/JDBCConnection.java | 7 +- 12 files changed, 58 insertions(+), 739 deletions(-) diff --git a/clients/go/zms/model.go b/clients/go/zms/model.go index 1048242ff73..1594952b913 100644 --- a/clients/go/zms/model.go +++ b/clients/go/zms/model.go 
@@ -12,124 +12,82 @@ var _ = rdl.Version var _ = json.Marshal var _ = fmt.Printf -// // SimpleName - Copyright 2016 Yahoo Inc. Licensed under the terms of the // Apache version 2.0 license. See LICENSE file for terms. Common name types // used by several API definitions A simple identifier, an element of compound // name. -// type SimpleName string -// // CompoundName - A compound name. Most names in this API are compound names. -// type CompoundName string -// // DomainName - A domain name is the general qualifier prefix, as its // uniqueness is managed. -// type DomainName string -// // EntityName - An entity name is a short form of a resource name, including // only the domain and entity. -// type EntityName string -// // ServiceName - A service name will generally be a unique subdomain. -// type ServiceName string -// // LocationName - A location name is not yet defined, but will be a dotted name // like everything else. -// type LocationName string -// // ActionName - An action (operation) name. -// type ActionName string -// // ResourceName - A resource name Note that the EntityName part is optional, // that is, a domain name followed by a colon is valid resource name. -// type ResourceName string -// // ResourceNames - A comma separated list of resource names -// type ResourceNames string -// // YBase64 - The Y-specific URL-safe Base64 variant. -// type YBase64 string -// // YEncoded - YEncoded includes ybase64 chars, as well as = and %. This can // represent a user cookie and URL-encoded values. -// type YEncoded string -// // AuthorityName - Used as the prefix in a signed assertion. This uniquely // identifies a signing authority. -// type AuthorityName string -// // SignedToken - A signed assertion if identity. i.e. the user cookie value. // This token will only make sense to the authority that generated it, so it is // beneficial to have something in the value that is cheaply recognized to // quickly reject if it belongs to another authority. 
In addition to the // YEncoded set our token includes ; to separate components and , to separate // roles and : for IPv6 addresses -// type SignedToken string -// // GroupName - A group name -// type GroupName string -// // GroupMemberName - A group member name -// type GroupMemberName string -// // MemberName - Role Member name - could be one of four values: *, DomainName.* // or ServiceName[*], or GroupNames -// type MemberName string -// // AuthorityKeyword - A comma separated list of authority keywords -// type AuthorityKeyword string -// // AuthorityKeywords - -// type AuthorityKeywords string -// // TagValue - TagValue to contain generic string patterns -// type TagValue string -// // TagCompoundValue - A compound value of TagValue -// type TagCompoundValue string -// // TagValueList - -// type TagValueList struct { // @@ -179,30 +137,20 @@ func (self *TagValueList) Validate() error { return nil } -// // AssertionConditionKeyPattern - -// type AssertionConditionKeyPattern string -// // AssertionConditionKey - -// type AssertionConditionKey string -// // AssertionConditionValuePattern - -// type AssertionConditionValuePattern string -// // AssertionConditionValue - -// type AssertionConditionValue string -// // DomainMeta - Set of metadata attributes that all domains may have and can be // changed. -// type DomainMeta struct { // @@ -406,14 +354,12 @@ func (self *DomainMeta) Validate() error { return nil } -// // Domain - A domain is an independent partition of users, roles, and // resources. Its name represents the definition of a namespace; the only way a // new namespace can be created, from the top, is by creating Domains. // Administration of a domain is governed by the parent domain (using // reverse-DNS namespaces). The top level domains are governed by the special // "sys.auth" domain. -// type Domain struct { // 
@@ -640,9 +586,7 @@ func (self *Domain) Validate() error { return nil } -// // DomainMetaList - A list of domain objects with their meta attributes. -// type DomainMetaList struct { // @@ -692,9 +636,7 @@ func (self *DomainMetaList) Validate() error { return nil } -// // DomainList - A paginated list of domains. -// type DomainList struct { // @@ -757,10 +699,8 @@ func (self *DomainList) Validate() error { return nil } -// // RoleList - The representation for an enumeration of roles in the namespace, // with pagination. -// type RoleList struct { // @@ -823,9 +763,7 @@ func (self *RoleList) Validate() error { return nil } -// // RoleAuditLog - An audit log entry for role membership change. -// type RoleAuditLog struct { // @@ -917,9 +855,7 @@ func (self *RoleAuditLog) Validate() error { return nil } -// // RoleMember - -// type RoleMember struct { // @@ -1050,10 +986,8 @@ func (self *RoleMember) Validate() error { return nil } -// // RoleMeta - Set of metadata attributes that all roles may have and can be // changed by domain admins. -// type RoleMeta struct { // @@ -1200,9 +1134,7 @@ func (self *RoleMeta) Validate() error { return nil } -// // Role - The representation for a Role with set of members. -// type Role struct { // @@ -1405,9 +1337,7 @@ func (self *Role) Validate() error { return nil } -// // Roles - The representation for a list of roles with full details -// type Roles struct { // @@ -1457,9 +1387,7 @@ func (self *Roles) Validate() error { return nil } -// // Membership - The representation for a role membership. -// type Membership struct { // @@ -1588,9 +1516,7 @@ func (self *Membership) Validate() error { return nil } -// // DefaultAdmins - The list of domain administrators. -// type DefaultAdmins struct { // @@ -1640,9 +1566,7 @@ func (self *DefaultAdmins) Validate() error { return nil } -// // MemberRole - -// type MemberRole struct { // 
@@ -1767,9 +1691,7 @@ func (self *MemberRole) Validate() error { return nil } -// // DomainRoleMember - -// type DomainRoleMember struct { // @@ -1832,9 +1754,7 @@ func (self *DomainRoleMember) Validate() error { return nil } -// // DomainRoleMembers - -// type DomainRoleMembers struct { // @@ -1897,10 +1817,8 @@ func (self *DomainRoleMembers) Validate() error { return nil } -// // RoleSystemMeta - Set of system metadata attributes that all roles may have // and can be changed by system admins. -// type RoleSystemMeta struct { // @@ -1941,9 +1859,7 @@ func (self *RoleSystemMeta) Validate() error { return nil } -// // AssertionEffect - Every assertion can have the effect of ALLOW or DENY. -// type AssertionEffect int // AssertionEffect constants @@ -2013,9 +1929,7 @@ func (e *AssertionEffect) UnmarshalJSON(b []byte) error { return err } -// // AssertionConditionOperator - Allowed operators for assertion conditions -// type AssertionConditionOperator int // AssertionConditionOperator constants @@ -2083,10 +1997,8 @@ func (e *AssertionConditionOperator) UnmarshalJSON(b []byte) error { return err } -// // AssertionConditionData - A representation of details associated with an // assertion condition key -// type AssertionConditionData struct { // @@ -2138,10 +2050,8 @@ func (self *AssertionConditionData) Validate() error { return nil } -// // AssertionCondition - A representation of condition associated with an // assertion -// type AssertionCondition struct { // @@ -2198,9 +2108,7 @@ func (self *AssertionCondition) Validate() error { return nil } -// // AssertionConditions - The representation of list of assertion conditions -// type AssertionConditions struct { // @@ -2250,10 +2158,8 @@ func (self *AssertionConditions) Validate() error { return nil } -// // Assertion - A representation for the encapsulation of an action to be // performed on a resource by a principal. -// type Assertion struct { // 
@@ -2348,9 +2254,7 @@ func (self *Assertion) Validate() error { return nil } -// // Policy - The representation for a Policy with set of assertions. -// type Policy struct { // @@ -2450,9 +2354,7 @@ func (self *Policy) Validate() error { return nil } -// // Policies - The representation of list of policy objects -// type Policies struct { // @@ -2502,9 +2404,7 @@ func (self *Policies) Validate() error { return nil } -// // PolicyOptions - Options for Policy Management Requests -// type PolicyOptions struct { // @@ -2562,10 +2462,8 @@ func (self *PolicyOptions) Validate() error { return nil } -// // PublicKeyEntry - The representation of the public key in a service identity // object. -// type PublicKeyEntry struct { // @@ -2625,9 +2523,7 @@ func (self *PublicKeyEntry) Validate() error { return nil } -// // ServiceIdentity - The representation of the service identity object. -// type ServiceIdentity struct { // @@ -2744,9 +2640,7 @@ func (self *ServiceIdentity) Validate() error { return nil } -// // ServiceIdentities - The representation of list of services -// type ServiceIdentities struct { // @@ -2796,10 +2690,8 @@ func (self *ServiceIdentities) Validate() error { return nil } -// // ServiceIdentityList - The representation for an enumeration of services in // the namespace, with pagination. -// type ServiceIdentityList struct { // @@ -2862,10 +2754,8 @@ func (self *ServiceIdentityList) Validate() error { return nil } -// // ServiceIdentitySystemMeta - Set of system metadata attributes that all // services may have and can be changed by system admins. -// type ServiceIdentitySystemMeta struct { // @@ -2910,9 +2800,7 @@ func (self *ServiceIdentitySystemMeta) Validate() error { return nil } -// // TemplateMetaData - MetaData for template. -// type TemplateMetaData struct { // @@ -3000,9 +2888,7 @@ func (self *TemplateMetaData) Validate() error { return nil } -// // Template - Solution Template object defined on the server -// type Template struct { // 
@@ -3073,10 +2959,8 @@ func (self *Template) Validate() error { return nil } -// // TemplateList - List of template names that is the base struct for server and // domain templates -// type TemplateList struct { // @@ -3126,9 +3010,7 @@ func (self *TemplateList) Validate() error { return nil } -// // TemplateParam - -// type TemplateParam struct { // @@ -3188,9 +3070,7 @@ func (self *TemplateParam) Validate() error { return nil } -// // DomainTemplate - solution template(s) to be applied to a domain -// type DomainTemplate struct { // @@ -3245,9 +3125,7 @@ func (self *DomainTemplate) Validate() error { return nil } -// // DomainTemplateList - List of solution templates to be applied to a domain -// type DomainTemplateList struct { // @@ -3297,9 +3175,7 @@ func (self *DomainTemplateList) Validate() error { return nil } -// // ServerTemplateList - List of solution templates available in the server -// type ServerTemplateList struct { // @@ -3349,10 +3225,8 @@ func (self *ServerTemplateList) Validate() error { return nil } -// // DomainTemplateDetailsList - List of templates with metadata details given a // domain -// type DomainTemplateDetailsList struct { // @@ -3402,10 +3276,8 @@ func (self *DomainTemplateDetailsList) Validate() error { return nil } -// // TopLevelDomain - Top Level Domain object. The required attributes include // the name of the domain and list of domain administrators. -// type TopLevelDomain struct { // @@ -3638,9 +3510,7 @@ func (self *TopLevelDomain) Validate() error { return nil } -// // SubDomain - A Subdomain is a TopLevelDomain, except it has a parent. -// type SubDomain struct { // @@ -3886,10 +3756,8 @@ func (self *SubDomain) Validate() error { return nil } -// // UserDomain - A UserDomain is the user's own top level domain in user - e.g. // user.hga -// type UserDomain struct { // 
@@ -4111,9 +3979,7 @@ func (self *UserDomain) Validate() error { return nil } -// // DomainMetaStoreValidValuesList - List of valid domain meta attribute values -// type DomainMetaStoreValidValuesList struct { // @@ -4163,9 +4029,7 @@ func (self *DomainMetaStoreValidValuesList) Validate() error { return nil } -// // AuthHistory - -// type AuthHistory struct { // @@ -4264,9 +4128,7 @@ func (self *AuthHistory) Validate() error { return nil } -// // AuthHistoryDependencies - -// type AuthHistoryDependencies struct { // @@ -4327,9 +4189,7 @@ func (self *AuthHistoryDependencies) Validate() error { return nil } -// // ExpiryMember - -// type ExpiryMember struct { // @@ -4410,9 +4270,7 @@ func (self *ExpiryMember) Validate() error { return nil } -// // ExpiredMembers - -// type ExpiredMembers struct { // @@ -4473,10 +4331,8 @@ func (self *ExpiredMembers) Validate() error { return nil } -// // DanglingPolicy - A dangling policy where the assertion is referencing a role // name that doesn't exist in the domain -// type DanglingPolicy struct { PolicyName EntityName `json:"policyName"` RoleName EntityName `json:"roleName"` @@ -4528,11 +4384,9 @@ func (self *DanglingPolicy) Validate() error { return nil } -// // DomainDataCheck - Domain data object representing the results of a check // operation looking for dangling roles, policies and trust relationships that // are set either on tenant or provider side only -// type DomainDataCheck struct { // @@ -4607,11 +4461,9 @@ func (self *DomainDataCheck) Validate() error { return nil } -// // Entity - An entity is a name and a structured value. some entity // names/prefixes are reserved (i.e. "role", "policy", "meta", "domain", // "service") -// type Entity struct { // @@ -4674,10 +4526,8 @@ func (self *Entity) Validate() error { return nil } -// // EntityList - The representation for an enumeration of entities in the // namespace -// type EntityList struct { // 
@@ -4727,9 +4577,7 @@ func (self *EntityList) Validate() error { return nil } -// // GroupAuditLog - An audit log entry for group membership change. -// type GroupAuditLog struct { // @@ -4821,9 +4669,7 @@ func (self *GroupAuditLog) Validate() error { return nil } -// // GroupMember - -// type GroupMember struct { // @@ -4968,9 +4814,7 @@ func (self *GroupMember) Validate() error { return nil } -// // GroupMembership - The representation for a group membership. -// type GroupMembership struct { // @@ -5094,10 +4938,8 @@ func (self *GroupMembership) Validate() error { return nil } -// // GroupMeta - Set of metadata attributes that all groups may have and can be // changed by domain admins. -// type GroupMeta struct { // @@ -5192,9 +5034,7 @@ func (self *GroupMeta) Validate() error { return nil } -// // Group - The representation for a Group with set of members. -// type Group struct { // @@ -5329,9 +5169,7 @@ func (self *Group) Validate() error { return nil } -// // Groups - The representation for a list of groups with full details -// type Groups struct { // @@ -5381,9 +5219,7 @@ func (self *Groups) Validate() error { return nil } -// // DomainGroupMember - -// type DomainGroupMember struct { // @@ -5446,9 +5282,7 @@ func (self *DomainGroupMember) Validate() error { return nil } -// // DomainGroupMembers - -// type DomainGroupMembers struct { // @@ -5511,9 +5345,7 @@ func (self *DomainGroupMembers) Validate() error { return nil } -// // DomainGroupMembership - -// type DomainGroupMembership struct { DomainGroupMembersList []*DomainGroupMembers `json:"domainGroupMembersList"` } @@ -5559,10 +5391,8 @@ func (self *DomainGroupMembership) Validate() error { return nil } -// // GroupSystemMeta - Set of system metadata attributes that all groups may have // and can be changed by system admins. -// type GroupSystemMeta struct { // 
@@ -5603,10 +5433,8 @@ func (self *GroupSystemMeta) Validate() error { return nil } -// // PolicyList - The representation for an enumeration of policies in the // namespace, with pagination. -// type PolicyList struct { // @@ -5669,9 +5497,7 @@ func (self *PolicyList) Validate() error { return nil } -// // Tenancy - A representation of tenant. -// type Tenancy struct { // @@ -5750,9 +5576,7 @@ func (self *Tenancy) Validate() error { return nil } -// // TenantRoleAction - A representation of tenant role action. -// type TenantRoleAction struct { // @@ -5812,10 +5636,8 @@ func (self *TenantRoleAction) Validate() error { return nil } -// // TenantResourceGroupRoles - A representation of tenant roles for resource // groups to be provisioned. -// type TenantResourceGroupRoles struct { // @@ -5917,10 +5739,8 @@ func (self *TenantResourceGroupRoles) Validate() error { return nil } -// // ProviderResourceGroupRoles - A representation of provider roles to be // provisioned. -// type ProviderResourceGroupRoles struct { // @@ -6041,9 +5861,7 @@ func (self *ProviderResourceGroupRoles) Validate() error { return nil } -// // Access - Access can be checked and returned as this resource. -// type Access struct { // @@ -6082,9 +5900,7 @@ func (self *Access) Validate() error { return nil } -// // ResourceAccess - -// type ResourceAccess struct { Principal ResourceName `json:"principal"` Assertions []*Assertion `json:"assertions"` @@ -6139,9 +5955,7 @@ func (self *ResourceAccess) Validate() error { return nil } -// // ResourceAccessList - -// type ResourceAccessList struct { Resources []*ResourceAccess `json:"resources"` } 
@@ -6187,12 +6001,10 @@ func (self *ResourceAccessList) Validate() error { return nil } -// // DomainPolicies - We need to include the name of the domain in this struct // since this data will be passed back to ZPU through ZTS so we need to sign not // only the list of policies but also the corresponding domain name that the // policies belong to. -// type DomainPolicies struct { // @@ -6255,10 +6067,8 @@ func (self *DomainPolicies) Validate() error { return nil } -// // SignedPolicies - A signed bulk transfer of policies. The data is signed with // server's private key. -// type SignedPolicies struct { // @@ -6334,9 +6144,7 @@ func (self *SignedPolicies) Validate() error { return nil } -// // DomainData - A domain object that includes its roles, policies and services. -// type DomainData struct { // @@ -6616,11 +6424,9 @@ func (self *DomainData) Validate() error { return nil } -// // SignedDomain - A domain object signed with server's private key. The // signature and keyid are optional if the metaonly flag is set to true in the // getSignedDomains api call -// type SignedDomain struct { // @@ -6692,9 +6498,7 @@ func (self *SignedDomain) Validate() error { return nil } -// // SignedDomains - A list of signed domain objects -// type SignedDomains struct { Domains []*SignedDomain `json:"domains"` } @@ -6740,10 +6544,8 @@ func (self *SignedDomains) Validate() error { return nil } -// // JWSDomain - SignedDomain using flattened JWS JSON Serialization syntax. // https://tools.ietf.org/html/rfc7515#section-7.2.2 -// type JWSDomain struct { Payload string `json:"payload"` Protected string `json:"protected"` @@ -6816,9 +6618,7 @@ func (self *JWSDomain) Validate() error { return nil } -// // UserToken - A user token generated based on user's credentials -// type UserToken struct { // 
@@ -6876,9 +6676,7 @@ func (self *UserToken) Validate() error { return nil } -// // ServicePrincipal - A service principal object identifying a given service. -// type ServicePrincipal struct { // @@ -6951,9 +6749,7 @@ func (self *ServicePrincipal) Validate() error { return nil } -// // User - The representation for a user -// type User struct { // @@ -7000,9 +6796,7 @@ func (self *User) Validate() error { return nil } -// // UserList - -// type UserList struct { // @@ -7052,9 +6846,7 @@ func (self *UserList) Validate() error { return nil } -// // Quota - The representation for a quota object -// type Quota struct { // @@ -7161,9 +6953,7 @@ func (self *Quota) Validate() error { return nil } -// // Status - The representation for a status object -// type Status struct { // @@ -7215,9 +7005,7 @@ func (self *Status) Validate() error { return nil } -// // DomainRoleMembership - -// type DomainRoleMembership struct { DomainRoleMembersList []*DomainRoleMembers `json:"domainRoleMembersList"` } @@ -7263,10 +7051,8 @@ func (self *DomainRoleMembership) Validate() error { return nil } -// // UserAuthorityAttributes - Copyright Athenz Authors Licensed under the terms // of the Apache version 2.0 license. See LICENSE file for terms. -// type UserAuthorityAttributes struct { Values []string `json:"values"` } @@ -7312,9 +7098,7 @@ func (self *UserAuthorityAttributes) Validate() error { return nil } -// // UserAuthorityAttributeMap - Map of user authority attributes -// type UserAuthorityAttributeMap struct { // @@ -7364,9 +7148,7 @@ func (self *UserAuthorityAttributeMap) Validate() error { return nil } -// // Stats - The representation for a stats object -// type Stats struct { // @@ -7466,9 +7248,7 @@ func (self *Stats) Validate() error { return nil } -// // DependentService - Dependent service provider details -// type DependentService struct { // 
@@ -7515,9 +7295,7 @@ func (self *DependentService) Validate() error { return nil } -// // DependentServiceResourceGroup - -// type DependentServiceResourceGroup struct { // @@ -7582,9 +7360,7 @@ func (self *DependentServiceResourceGroup) Validate() error { return nil } -// // DependentServiceResourceGroupList - -// type DependentServiceResourceGroupList struct { // @@ -7634,11 +7410,9 @@ func (self *DependentServiceResourceGroupList) Validate() error { return nil } -// // Info - Copyright Athenz Authors Licensed under the terms of the Apache // version 2.0 license. See LICENSE file for terms. The representation for an // info object -// type Info struct { // diff --git a/clients/go/zms/zms_schema.go b/clients/go/zms/zms_schema.go index 5f817a47b22..5a79468e235 100644 --- a/clients/go/zms/zms_schema.go +++ b/clients/go/zms/zms_schema.go @@ -1013,7 +1013,7 @@ func init() { mDeleteExpiredMembers.Comment("Delete expired principals") mDeleteExpiredMembers.Input("purgeResources", "Int32", false, "purgeResources", "", true, nil, "defining which resources will be purged. by default all resources will be purged") mDeleteExpiredMembers.Input("returnObj", "Bool", false, "", "Athenz-Return-Object", true, false, "Return object param updated object back.") - mDeleteExpiredMembers.Auth("purge", "sys.auth:role.purge_expired_members", false, "") + mDeleteExpiredMembers.Auth("delete", "sys.auth:expired_members", false, "") mDeleteExpiredMembers.Expected("NO_CONTENT") mDeleteExpiredMembers.Exception("BAD_REQUEST", "ResourceError", "") mDeleteExpiredMembers.Exception("FORBIDDEN", "ResourceError", "") diff --git a/clients/go/zts/model.go b/clients/go/zts/model.go index db40d6f8390..149c2bae1ee 100644 --- a/clients/go/zts/model.go +++ b/clients/go/zts/model.go 
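Review bot: The `mDeleteExpiredMembers.Auth(...)` line in the `zms_schema.go` hunk changes the required action and resource from `purge` on `sys.auth:role.purge_expired_members` to `delete` on `sys.auth:expired_members`, an authorization change that the commit subject (copyright notice, regeneration with go 1.19) does not mention. This file is generated, so the change presumably originates in `core/zms/src/main/rdl/Domain.rdli`, which the diffstat lists as modified. Any policy granting the old action/resource pair will stop authorizing this endpoint, and a generic action name such as `delete` may be matched by broader assertions already present in `sys.auth`, so this is worth confirming against deployed policies before release. I would record it in the commit description, e.g. `3. deleteExpiredMembers now requires "delete" on sys.auth:expired_members`, and name the required policy in the endpoint's RDL comment. `init()` starts and ends outside the hunk.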
@@ -14,92 +14,62 @@ var _ = rdl.Version var _ = json.Marshal var _ = fmt.Printf -// // SimpleName - Copyright 2016 Yahoo Inc. Licensed under the terms of the // Apache version 2.0 license. See LICENSE file for terms. Common name types // used by several API definitions A simple identifier, an element of compound // name. -// type SimpleName string -// // CompoundName - A compound name. Most names in this API are compound names. -// type CompoundName string -// // DomainName - A domain name is the general qualifier prefix, as its // uniqueness is managed. -// type DomainName string -// // EntityName - An entity name is a short form of a resource name, including // only the domain and entity. -// type EntityName string -// // EntityList - An Entity list is comma separated compound Names -// type EntityList string -// // ServiceName - A service name will generally be a unique subdomain. -// type ServiceName string -// // ActionName - An action (operation) name. -// type ActionName string -// // ResourceName - A resource name Note that the EntityName part is optional, // that is, a domain name followed by a colon is valid resource name. -// type ResourceName string -// // YBase64 - The Y-specific URL-safe Base64 variant. -// type YBase64 string -// // YEncoded - YEncoded includes ybase64 chars, as well as = and %. This can // represent a user cookie and URL-encoded values. -// type YEncoded string -// // AuthorityName - Used as the prefix in a signed assertion. This uniquely // identifies a signing authority. -// type AuthorityName string -// // SignedToken - A signed assertion if identity. i.e. the user cookie value. // This token will only make sense to the authority that generated it, so it is // beneficial to have something in the value that is cheaply recognized to // quickly reject if it belongs to another authority. 
In addition to the // YEncoded set our token includes ; to separate components and , to separate // roles -// type SignedToken string -// // PathElement - A uri-safe path element -// type PathElement string -// // CertType - CertType denotes various types of certs issued by Athenz -// type CertType int -// // CertType constants -// const ( _ CertType = iota X509 @@ -113,9 +83,7 @@ var namesCertType = []string{ SSH_USER: "SSH_USER", } -// // NewCertType - return a string representation of the enum -// func NewCertType(init ...interface{}) CertType { if len(init) == 1 { switch v := init[0].(type) { @@ -138,30 +106,22 @@ func NewCertType(init ...interface{}) CertType { return CertType(0) //default to the first enum value } -// // String - return a string representation of the enum -// func (e CertType) String() string { return namesCertType[e] } -// // SymbolSet - return an array of all valid string representations (symbols) of the enum -// func (e CertType) SymbolSet() []string { return namesCertType } -// // MarshalJSON is defined for proper JSON encoding of a CertType -// func (e CertType) MarshalJSON() ([]byte, error) { return json.Marshal(e.String()) } -// // UnmarshalJSON is defined for proper JSON decoding of a CertType -// func (e *CertType) UnmarshalJSON(b []byte) error { var j string err := json.Unmarshal(b, &j) @@ -178,10 +138,8 @@ func (e *CertType) UnmarshalJSON(b []byte) error { return err } -// // ResourceAccess - ResourceAccess can be checked and returned as this // resource. (same as ZMS.Access) -// type ResourceAccess struct { // @@ -190,9 +148,7 @@ type ResourceAccess struct { Granted bool `json:"granted"` } -// // NewResourceAccess - creates an initialized ResourceAccess instance, returns a pointer to it -// func NewResourceAccess(init ...*ResourceAccess) *ResourceAccess { var o *ResourceAccess if len(init) == 1 { 
@@ -205,9 +161,7 @@ func NewResourceAccess(init ...*ResourceAccess) *ResourceAccess { type rawResourceAccess ResourceAccess -// // UnmarshalJSON is defined for proper JSON decoding of a ResourceAccess -// func (self *ResourceAccess) UnmarshalJSON(b []byte) error { var m rawResourceAccess err := json.Unmarshal(b, &m) @@ -219,17 +173,13 @@ func (self *ResourceAccess) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *ResourceAccess) Validate() error { return nil } -// // PublicKeyEntry - The representation of the public key in a service identity // object. -// type PublicKeyEntry struct { // @@ -243,9 +193,7 @@ type PublicKeyEntry struct { Id string `json:"id"` } -// // NewPublicKeyEntry - creates an initialized PublicKeyEntry instance, returns a pointer to it -// func NewPublicKeyEntry(init ...*PublicKeyEntry) *PublicKeyEntry { var o *PublicKeyEntry if len(init) == 1 { @@ -258,9 +206,7 @@ func NewPublicKeyEntry(init ...*PublicKeyEntry) *PublicKeyEntry { type rawPublicKeyEntry PublicKeyEntry -// // UnmarshalJSON is defined for proper JSON decoding of a PublicKeyEntry -// func (self *PublicKeyEntry) UnmarshalJSON(b []byte) error { var m rawPublicKeyEntry err := json.Unmarshal(b, &m) @@ -272,9 +218,7 @@ func (self *PublicKeyEntry) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *PublicKeyEntry) Validate() error { if self.Key == "" { return fmt.Errorf("PublicKeyEntry.key is missing but is a required field") @@ -295,9 +239,7 @@ func (self *PublicKeyEntry) Validate() error { return nil } -// // ServiceIdentity - The representation of the service identity object. -// type ServiceIdentity struct { // 
@@ -341,9 +283,7 @@ type ServiceIdentity struct { Group string `json:"group,omitempty" rdl:"optional"` } -// // NewServiceIdentity - creates an initialized ServiceIdentity instance, returns a pointer to it -// func NewServiceIdentity(init ...*ServiceIdentity) *ServiceIdentity { var o *ServiceIdentity if len(init) == 1 { @@ -356,9 +296,7 @@ func NewServiceIdentity(init ...*ServiceIdentity) *ServiceIdentity { type rawServiceIdentity ServiceIdentity -// // UnmarshalJSON is defined for proper JSON decoding of a ServiceIdentity -// func (self *ServiceIdentity) UnmarshalJSON(b []byte) error { var m rawServiceIdentity err := json.Unmarshal(b, &m) @@ -370,9 +308,7 @@ func (self *ServiceIdentity) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *ServiceIdentity) Validate() error { if self.Name == "" { return fmt.Errorf("ServiceIdentity.name is missing but is a required field") @@ -409,10 +345,8 @@ func (self *ServiceIdentity) Validate() error { return nil } -// // ServiceIdentityList - The representation for an enumeration of services in // the namespace. -// type ServiceIdentityList struct { // @@ -421,9 +355,7 @@ type ServiceIdentityList struct { Names []EntityName `json:"names"` } -// // NewServiceIdentityList - creates an initialized ServiceIdentityList instance, returns a pointer to it -// func NewServiceIdentityList(init ...*ServiceIdentityList) *ServiceIdentityList { var o *ServiceIdentityList if len(init) == 1 { @@ -434,9 +366,7 @@ func NewServiceIdentityList(init ...*ServiceIdentityList) *ServiceIdentityList { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *ServiceIdentityList) Init() *ServiceIdentityList { if self.Names == nil { self.Names = make([]EntityName, 0) 
@@ -446,9 +376,7 @@ func (self *ServiceIdentityList) Init() *ServiceIdentityList { type rawServiceIdentityList ServiceIdentityList -// // UnmarshalJSON is defined for proper JSON decoding of a ServiceIdentityList -// func (self *ServiceIdentityList) UnmarshalJSON(b []byte) error { var m rawServiceIdentityList err := json.Unmarshal(b, &m) @@ -460,9 +388,7 @@ func (self *ServiceIdentityList) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *ServiceIdentityList) Validate() error { if self.Names == nil { return fmt.Errorf("ServiceIdentityList: Missing required field: names") @@ -470,10 +396,8 @@ func (self *ServiceIdentityList) Validate() error { return nil } -// // HostServices - The representation for an enumeration of services authorized // to run on a specific host. -// type HostServices struct { // @@ -487,9 +411,7 @@ type HostServices struct { Names []EntityName `json:"names"` } -// // NewHostServices - creates an initialized HostServices instance, returns a pointer to it -// func NewHostServices(init ...*HostServices) *HostServices { var o *HostServices if len(init) == 1 { @@ -500,9 +422,7 @@ func NewHostServices(init ...*HostServices) *HostServices { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *HostServices) Init() *HostServices { if self.Names == nil { self.Names = make([]EntityName, 0) @@ -512,9 +432,7 @@ func (self *HostServices) Init() *HostServices { type rawHostServices HostServices -// // UnmarshalJSON is defined for proper JSON decoding of a HostServices -// func (self *HostServices) UnmarshalJSON(b []byte) error { var m rawHostServices err := json.Unmarshal(b, &m) 
@@ -526,9 +444,7 @@ func (self *HostServices) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *HostServices) Validate() error { if self.Host == "" { return fmt.Errorf("HostServices.host is missing but is a required field") @@ -544,14 +460,10 @@ func (self *HostServices) Validate() error { return nil } -// // AssertionEffect - Every assertion can have the effect of ALLOW or DENY. -// type AssertionEffect int -// // AssertionEffect constants -// const ( _ AssertionEffect = iota ALLOW @@ -563,9 +475,7 @@ var namesAssertionEffect = []string{ DENY: "DENY", } -// // NewAssertionEffect - return a string representation of the enum -// func NewAssertionEffect(init ...interface{}) AssertionEffect { if len(init) == 1 { switch v := init[0].(type) { @@ -588,30 +498,22 @@ func NewAssertionEffect(init ...interface{}) AssertionEffect { return AssertionEffect(0) //default to the first enum value } -// // String - return a string representation of the enum -// func (e AssertionEffect) String() string { return namesAssertionEffect[e] } -// // SymbolSet - return an array of all valid string representations (symbols) of the enum -// func (e AssertionEffect) SymbolSet() []string { return namesAssertionEffect } -// // MarshalJSON is defined for proper JSON encoding of a AssertionEffect -// func (e AssertionEffect) MarshalJSON() ([]byte, error) { return json.Marshal(e.String()) } -// // UnmarshalJSON is defined for proper JSON decoding of a AssertionEffect -// func (e *AssertionEffect) UnmarshalJSON(b []byte) error { var j string err := json.Unmarshal(b, &j) @@ -628,10 +530,8 @@ func (e *AssertionEffect) UnmarshalJSON(b []byte) error { return err } -// // Assertion - A representation for the encapsulation of an action to be // performed on a resource by a principal. -// type Assertion struct { // 
@@ -666,9 +566,7 @@ type Assertion struct { CaseSensitive *bool `json:"caseSensitive,omitempty" rdl:"optional"` } -// // NewAssertion - creates an initialized Assertion instance, returns a pointer to it -// func NewAssertion(init ...*Assertion) *Assertion { var o *Assertion if len(init) == 1 { @@ -681,9 +579,7 @@ func NewAssertion(init ...*Assertion) *Assertion { type rawAssertion Assertion -// // UnmarshalJSON is defined for proper JSON decoding of a Assertion -// func (self *Assertion) UnmarshalJSON(b []byte) error { var m rawAssertion err := json.Unmarshal(b, &m) @@ -695,9 +591,7 @@ func (self *Assertion) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Assertion) Validate() error { if self.Role == "" { return fmt.Errorf("Assertion.role is missing but is a required field") @@ -726,9 +620,7 @@ func (self *Assertion) Validate() error { return nil } -// // Policy - The representation for a Policy with set of assertions. -// type Policy struct { // @@ -762,9 +654,7 @@ type Policy struct { Active *bool `json:"active,omitempty" rdl:"optional"` } -// // NewPolicy - creates an initialized Policy instance, returns a pointer to it -// func NewPolicy(init ...*Policy) *Policy { var o *Policy if len(init) == 1 { @@ -775,9 +665,7 @@ func NewPolicy(init ...*Policy) *Policy { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *Policy) Init() *Policy { if self.Assertions == nil { self.Assertions = make([]*Assertion, 0) @@ -787,9 +675,7 @@ func (self *Policy) Init() *Policy { type rawPolicy Policy -// // UnmarshalJSON is defined for proper JSON decoding of a Policy -// func (self *Policy) UnmarshalJSON(b []byte) error { var m rawPolicy err := json.Unmarshal(b, &m) 
@@ -801,9 +687,7 @@ func (self *Policy) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Policy) Validate() error { if self.Name == "" { return fmt.Errorf("Policy.name is missing but is a required field") @@ -825,9 +709,7 @@ func (self *Policy) Validate() error { return nil } -// // PolicyData - -// type PolicyData struct { // @@ -841,9 +723,7 @@ type PolicyData struct { Policies []*Policy `json:"policies"` } -// // NewPolicyData - creates an initialized PolicyData instance, returns a pointer to it -// func NewPolicyData(init ...*PolicyData) *PolicyData { var o *PolicyData if len(init) == 1 { @@ -854,9 +734,7 @@ func NewPolicyData(init ...*PolicyData) *PolicyData { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *PolicyData) Init() *PolicyData { if self.Policies == nil { self.Policies = make([]*Policy, 0) @@ -866,9 +744,7 @@ func (self *PolicyData) Init() *PolicyData { type rawPolicyData PolicyData -// // UnmarshalJSON is defined for proper JSON decoding of a PolicyData -// func (self *PolicyData) UnmarshalJSON(b []byte) error { var m rawPolicyData err := json.Unmarshal(b, &m) @@ -880,9 +756,7 @@ func (self *PolicyData) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *PolicyData) Validate() error { if self.Domain == "" { return fmt.Errorf("PolicyData.domain is missing but is a required field") @@ -898,10 +772,8 @@ func (self *PolicyData) Validate() error { return nil } -// // SignedPolicyData - A representation of policies object defined in a given // server. -// type SignedPolicyData struct { // 
@@ -930,9 +802,7 @@ type SignedPolicyData struct { Expires rdl.Timestamp `json:"expires"` } -// // NewSignedPolicyData - creates an initialized SignedPolicyData instance, returns a pointer to it -// func NewSignedPolicyData(init ...*SignedPolicyData) *SignedPolicyData { var o *SignedPolicyData if len(init) == 1 { @@ -943,9 +813,7 @@ func NewSignedPolicyData(init ...*SignedPolicyData) *SignedPolicyData { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *SignedPolicyData) Init() *SignedPolicyData { if self.PolicyData == nil { self.PolicyData = NewPolicyData() @@ -955,9 +823,7 @@ func (self *SignedPolicyData) Init() *SignedPolicyData { type rawSignedPolicyData SignedPolicyData -// // UnmarshalJSON is defined for proper JSON decoding of a SignedPolicyData -// func (self *SignedPolicyData) UnmarshalJSON(b []byte) error { var m rawSignedPolicyData err := json.Unmarshal(b, &m) @@ -969,9 +835,7 @@ func (self *SignedPolicyData) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *SignedPolicyData) Validate() error { if self.PolicyData == nil { return fmt.Errorf("SignedPolicyData: Missing required field: policyData") @@ -997,10 +861,8 @@ func (self *SignedPolicyData) Validate() error { return nil } -// // DomainSignedPolicyData - A signed bulk transfer of policies. The data is // signed with server's private key. -// type DomainSignedPolicyData struct { // @@ -1019,9 +881,7 @@ type DomainSignedPolicyData struct { KeyId string `json:"keyId"` } -// // NewDomainSignedPolicyData - creates an initialized DomainSignedPolicyData instance, returns a pointer to it -// func NewDomainSignedPolicyData(init ...*DomainSignedPolicyData) *DomainSignedPolicyData { var o *DomainSignedPolicyData if len(init) == 1 { 
@@ -1032,9 +892,7 @@ func NewDomainSignedPolicyData(init ...*DomainSignedPolicyData) *DomainSignedPol return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *DomainSignedPolicyData) Init() *DomainSignedPolicyData { if self.SignedPolicyData == nil { self.SignedPolicyData = NewSignedPolicyData() @@ -1044,9 +902,7 @@ func (self *DomainSignedPolicyData) Init() *DomainSignedPolicyData { type rawDomainSignedPolicyData DomainSignedPolicyData -// // UnmarshalJSON is defined for proper JSON decoding of a DomainSignedPolicyData -// func (self *DomainSignedPolicyData) UnmarshalJSON(b []byte) error { var m rawDomainSignedPolicyData err := json.Unmarshal(b, &m) @@ -1058,9 +914,7 @@ func (self *DomainSignedPolicyData) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *DomainSignedPolicyData) Validate() error { if self.SignedPolicyData == nil { return fmt.Errorf("DomainSignedPolicyData: Missing required field: signedPolicyData") @@ -1084,10 +938,8 @@ func (self *DomainSignedPolicyData) Validate() error { return nil } -// // JWSPolicyData - SignedPolicyData using flattened JWS JSON Serialization // syntax. https://tools.ietf.org/html/rfc7515#section-7.2.2 -// type JWSPolicyData struct { Payload string `json:"payload"` Protected string `json:"protected"` @@ -1095,9 +947,7 @@ type JWSPolicyData struct { Signature string `json:"signature"` } -// // NewJWSPolicyData - creates an initialized JWSPolicyData instance, returns a pointer to it -// func NewJWSPolicyData(init ...*JWSPolicyData) *JWSPolicyData { var o *JWSPolicyData if len(init) == 1 { @@ -1108,9 +958,7 @@ func NewJWSPolicyData(init ...*JWSPolicyData) *JWSPolicyData { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *JWSPolicyData) Init() *JWSPolicyData { if self.Header == nil { self.Header = make(map[string]string) 
@@ -1120,9 +968,7 @@ func (self *JWSPolicyData) Init() *JWSPolicyData { type rawJWSPolicyData JWSPolicyData -// // UnmarshalJSON is defined for proper JSON decoding of a JWSPolicyData -// func (self *JWSPolicyData) UnmarshalJSON(b []byte) error { var m rawJWSPolicyData err := json.Unmarshal(b, &m) @@ -1134,9 +980,7 @@ func (self *JWSPolicyData) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *JWSPolicyData) Validate() error { if self.Payload == "" { return fmt.Errorf("JWSPolicyData.payload is missing but is a required field") @@ -1168,9 +1012,7 @@ func (self *JWSPolicyData) Validate() error { return nil } -// // SignedPolicyRequest - -// type SignedPolicyRequest struct { PolicyVersions map[string]string `json:"policyVersions"` @@ -1180,9 +1022,7 @@ type SignedPolicyRequest struct { SignatureP1363Format bool `json:"signatureP1363Format"` } -// // NewSignedPolicyRequest - creates an initialized SignedPolicyRequest instance, returns a pointer to it -// func NewSignedPolicyRequest(init ...*SignedPolicyRequest) *SignedPolicyRequest { var o *SignedPolicyRequest if len(init) == 1 { @@ -1193,9 +1033,7 @@ func NewSignedPolicyRequest(init ...*SignedPolicyRequest) *SignedPolicyRequest { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *SignedPolicyRequest) Init() *SignedPolicyRequest { if self.PolicyVersions == nil { self.PolicyVersions = make(map[string]string) @@ -1205,9 +1043,7 @@ func (self *SignedPolicyRequest) Init() *SignedPolicyRequest { type rawSignedPolicyRequest SignedPolicyRequest -// // UnmarshalJSON is defined for proper JSON decoding of a SignedPolicyRequest -// func (self *SignedPolicyRequest) UnmarshalJSON(b []byte) error { var m rawSignedPolicyRequest err := json.Unmarshal(b, &m) 
@@ -1219,9 +1055,7 @@ func (self *SignedPolicyRequest) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *SignedPolicyRequest) Validate() error { if self.PolicyVersions == nil { return fmt.Errorf("SignedPolicyRequest: Missing required field: policyVersions") @@ -1229,18 +1063,14 @@ func (self *SignedPolicyRequest) Validate() error { return nil } -// // RoleCertificate - Copyright Athenz Authors Licensed under the terms of the // Apache version 2.0 license. See LICENSE file for terms. RoleCertificate - a // role certificate -// type RoleCertificate struct { X509Certificate string `json:"x509Certificate"` } -// // NewRoleCertificate - creates an initialized RoleCertificate instance, returns a pointer to it -// func NewRoleCertificate(init ...*RoleCertificate) *RoleCertificate { var o *RoleCertificate if len(init) == 1 { @@ -1253,9 +1083,7 @@ func NewRoleCertificate(init ...*RoleCertificate) *RoleCertificate { type rawRoleCertificate RoleCertificate -// // UnmarshalJSON is defined for proper JSON decoding of a RoleCertificate -// func (self *RoleCertificate) UnmarshalJSON(b []byte) error { var m rawRoleCertificate err := json.Unmarshal(b, &m) @@ -1267,9 +1095,7 @@ func (self *RoleCertificate) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *RoleCertificate) Validate() error { if self.X509Certificate == "" { return fmt.Errorf("RoleCertificate.x509Certificate is missing but is a required field") 
@@ -1282,13 +1108,11 @@ func (self *RoleCertificate) Validate() error { return nil } -// // RoleCertificateRequest - RoleCertificateRequest - a certificate signing // request. By including the optional previous Certificate NotBefore and // NotAfter dates would all the server to correctly prioritize this request in // case the certificate signer is under heavy load and it can't sign all // submitted requests from the Athenz Server. -// type RoleCertificateRequest struct { // @@ -1317,9 +1141,7 @@ type RoleCertificateRequest struct { PrevCertNotAfter *rdl.Timestamp `json:"prevCertNotAfter,omitempty" rdl:"optional"` } -// // NewRoleCertificateRequest - creates an initialized RoleCertificateRequest instance, returns a pointer to it -// func NewRoleCertificateRequest(init ...*RoleCertificateRequest) *RoleCertificateRequest { var o *RoleCertificateRequest if len(init) == 1 { @@ -1332,9 +1154,7 @@ func NewRoleCertificateRequest(init ...*RoleCertificateRequest) *RoleCertificate type rawRoleCertificateRequest RoleCertificateRequest -// // UnmarshalJSON is defined for proper JSON decoding of a RoleCertificateRequest -// func (self *RoleCertificateRequest) UnmarshalJSON(b []byte) error { var m rawRoleCertificateRequest err := json.Unmarshal(b, &m) @@ -1346,9 +1166,7 @@ func (self *RoleCertificateRequest) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *RoleCertificateRequest) Validate() error { if self.Csr == "" { return fmt.Errorf("RoleCertificateRequest.csr is missing but is a required field") @@ -1367,16 +1185,12 @@ func (self *RoleCertificateRequest) Validate() error { return nil } -// // RoleAccess - -// type RoleAccess struct { Roles []EntityName `json:"roles"` } -// // NewRoleAccess - creates an initialized RoleAccess instance, returns a pointer to it -// func NewRoleAccess(init ...*RoleAccess) *RoleAccess { var o *RoleAccess if len(init) == 1 { 
@@ -1387,9 +1201,7 @@ func NewRoleAccess(init ...*RoleAccess) *RoleAccess { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *RoleAccess) Init() *RoleAccess { if self.Roles == nil { self.Roles = make([]EntityName, 0) @@ -1399,9 +1211,7 @@ func (self *RoleAccess) Init() *RoleAccess { type rawRoleAccess RoleAccess -// // UnmarshalJSON is defined for proper JSON decoding of a RoleAccess -// func (self *RoleAccess) UnmarshalJSON(b []byte) error { var m rawRoleAccess err := json.Unmarshal(b, &m) @@ -1413,9 +1223,7 @@ func (self *RoleAccess) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *RoleAccess) Validate() error { if self.Roles == nil { return fmt.Errorf("RoleAccess: Missing required field: roles") @@ -1423,17 +1231,13 @@ func (self *RoleAccess) Validate() error { return nil } -// // RoleToken - A representation of a signed RoleToken -// type RoleToken struct { Token string `json:"token"` ExpiryTime int64 `json:"expiryTime"` } -// // NewRoleToken - creates an initialized RoleToken instance, returns a pointer to it -// func NewRoleToken(init ...*RoleToken) *RoleToken { var o *RoleToken if len(init) == 1 { @@ -1446,9 +1250,7 @@ func NewRoleToken(init ...*RoleToken) *RoleToken { type rawRoleToken RoleToken -// // UnmarshalJSON is defined for proper JSON decoding of a RoleToken -// func (self *RoleToken) UnmarshalJSON(b []byte) error { var m rawRoleToken err := json.Unmarshal(b, &m) @@ -1460,9 +1262,7 @@ func (self *RoleToken) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *RoleToken) Validate() error { if self.Token == "" { return fmt.Errorf("RoleToken.token is missing but is a required field") @@ -1475,9 +1275,7 @@ func (self *RoleToken) Validate() error { return nil } -// // Access - Access can be checked and returned as this resource. -// type Access struct { // 
@@ -1486,9 +1284,7 @@ type Access struct { Granted bool `json:"granted"` } -// // NewAccess - creates an initialized Access instance, returns a pointer to it -// func NewAccess(init ...*Access) *Access { var o *Access if len(init) == 1 { @@ -1501,9 +1297,7 @@ func NewAccess(init ...*Access) *Access { type rawAccess Access -// // UnmarshalJSON is defined for proper JSON decoding of a Access -// func (self *Access) UnmarshalJSON(b []byte) error { var m rawAccess err := json.Unmarshal(b, &m) @@ -1515,23 +1309,17 @@ func (self *Access) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Access) Validate() error { return nil } -// // TenantDomains - -// type TenantDomains struct { TenantDomainNames []DomainName `json:"tenantDomainNames"` } -// // NewTenantDomains - creates an initialized TenantDomains instance, returns a pointer to it -// func NewTenantDomains(init ...*TenantDomains) *TenantDomains { var o *TenantDomains if len(init) == 1 { @@ -1542,9 +1330,7 @@ func NewTenantDomains(init ...*TenantDomains) *TenantDomains { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *TenantDomains) Init() *TenantDomains { if self.TenantDomainNames == nil { self.TenantDomainNames = make([]DomainName, 0) @@ -1554,9 +1340,7 @@ func (self *TenantDomains) Init() *TenantDomains { type rawTenantDomains TenantDomains -// // UnmarshalJSON is defined for proper JSON decoding of a TenantDomains -// func (self *TenantDomains) UnmarshalJSON(b []byte) error { var m rawTenantDomains err := json.Unmarshal(b, &m) @@ -1568,9 +1352,7 @@ func (self *TenantDomains) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *TenantDomains) Validate() error { if self.TenantDomainNames == nil { return fmt.Errorf("TenantDomains: Missing required field: tenantDomainNames") 
@@ -1578,11 +1360,9 @@ func (self *TenantDomains) Validate() error { return nil } -// // Identity - Identity - a signed assertion of service or human identity, the // response could be either a client certificate or just a regular NToken // (depending if the request contained a csr or not). -// type Identity struct { // @@ -1622,9 +1402,7 @@ type Identity struct { Attributes map[string]string `json:"attributes,omitempty" rdl:"optional"` } -// // NewIdentity - creates an initialized Identity instance, returns a pointer to it -// func NewIdentity(init ...*Identity) *Identity { var o *Identity if len(init) == 1 { @@ -1637,9 +1415,7 @@ func NewIdentity(init ...*Identity) *Identity { type rawIdentity Identity -// // UnmarshalJSON is defined for proper JSON decoding of a Identity -// func (self *Identity) UnmarshalJSON(b []byte) error { var m rawIdentity err := json.Unmarshal(b, &m) @@ -1651,9 +1427,7 @@ func (self *Identity) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Identity) Validate() error { if self.Name == "" { return fmt.Errorf("Identity.name is missing but is a required field") @@ -1696,10 +1470,8 @@ func (self *Identity) Validate() error { return nil } -// // InstanceRefreshRequest - InstanceRefreshRequest - a certificate refresh // request -// type InstanceRefreshRequest struct { // @@ -1718,9 +1490,7 @@ type InstanceRefreshRequest struct { KeyId string `json:"keyId,omitempty" rdl:"optional"` } -// // NewInstanceRefreshRequest - creates an initialized InstanceRefreshRequest instance, returns a pointer to it -// func NewInstanceRefreshRequest(init ...*InstanceRefreshRequest) *InstanceRefreshRequest { var o *InstanceRefreshRequest if len(init) == 1 { 
@@ -1733,9 +1503,7 @@ func NewInstanceRefreshRequest(init ...*InstanceRefreshRequest) *InstanceRefresh type rawInstanceRefreshRequest InstanceRefreshRequest -// // UnmarshalJSON is defined for proper JSON decoding of a InstanceRefreshRequest -// func (self *InstanceRefreshRequest) UnmarshalJSON(b []byte) error { var m rawInstanceRefreshRequest err := json.Unmarshal(b, &m) @@ -1747,9 +1515,7 @@ func (self *InstanceRefreshRequest) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *InstanceRefreshRequest) Validate() error { if self.Csr == "" { return fmt.Errorf("InstanceRefreshRequest.csr is missing but is a required field") @@ -1768,29 +1534,19 @@ func (self *InstanceRefreshRequest) Validate() error { return nil } -// // AWSRoleName - AWS role name without the path -// type AWSRoleName string -// // AWSRolePathElement - AWS role path single element -// type AWSRolePathElement string -// // AWSRolePath - AWS role path -// type AWSRolePath string -// // AWSArnRoleName - AWS full role name with path -// type AWSArnRoleName string -// // AWSTemporaryCredentials - -// type AWSTemporaryCredentials struct { AccessKeyId string `json:"accessKeyId"` SecretAccessKey string `json:"secretAccessKey"` @@ -1798,9 +1554,7 @@ type AWSTemporaryCredentials struct { Expiration rdl.Timestamp `json:"expiration"` } -// // NewAWSTemporaryCredentials - creates an initialized AWSTemporaryCredentials instance, returns a pointer to it -// func NewAWSTemporaryCredentials(init ...*AWSTemporaryCredentials) *AWSTemporaryCredentials { var o *AWSTemporaryCredentials if len(init) == 1 { 
@@ -1813,9 +1567,7 @@ func NewAWSTemporaryCredentials(init ...*AWSTemporaryCredentials) *AWSTemporaryC type rawAWSTemporaryCredentials AWSTemporaryCredentials -// // UnmarshalJSON is defined for proper JSON decoding of a AWSTemporaryCredentials -// func (self *AWSTemporaryCredentials) UnmarshalJSON(b []byte) error { var m rawAWSTemporaryCredentials err := json.Unmarshal(b, &m) @@ -1827,9 +1579,7 @@ func (self *AWSTemporaryCredentials) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *AWSTemporaryCredentials) Validate() error { if self.AccessKeyId == "" { return fmt.Errorf("AWSTemporaryCredentials.accessKeyId is missing but is a required field") @@ -1861,9 +1611,7 @@ func (self *AWSTemporaryCredentials) Validate() error { return nil } -// // SSHCertRequestData - -// type SSHCertRequestData struct { // @@ -1902,9 +1650,7 @@ type SSHCertRequestData struct { Command string `json:"command,omitempty" rdl:"optional"` } -// // NewSSHCertRequestData - creates an initialized SSHCertRequestData instance, returns a pointer to it -// func NewSSHCertRequestData(init ...*SSHCertRequestData) *SSHCertRequestData { var o *SSHCertRequestData if len(init) == 1 { @@ -1915,9 +1661,7 @@ func NewSSHCertRequestData(init ...*SSHCertRequestData) *SSHCertRequestData { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *SSHCertRequestData) Init() *SSHCertRequestData { if self.Principals == nil { self.Principals = make([]string, 0) @@ -1927,9 +1671,7 @@ func (self *SSHCertRequestData) Init() *SSHCertRequestData { type rawSSHCertRequestData SSHCertRequestData -// // UnmarshalJSON is defined for proper JSON decoding of a SSHCertRequestData -// func (self *SSHCertRequestData) UnmarshalJSON(b []byte) error { var m rawSSHCertRequestData err := json.Unmarshal(b, &m) 
@@ -1941,9 +1683,7 @@ func (self *SSHCertRequestData) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *SSHCertRequestData) Validate() error { if self.Principals == nil { return fmt.Errorf("SSHCertRequestData: Missing required field: principals") @@ -1969,9 +1709,7 @@ func (self *SSHCertRequestData) Validate() error { return nil } -// // SSHCertRequestMeta - -// type SSHCertRequestMeta struct { // @@ -2030,9 +1768,7 @@ type SSHCertRequestMeta struct { TransId string `json:"transId,omitempty" rdl:"optional"` } -// // NewSSHCertRequestMeta - creates an initialized SSHCertRequestMeta instance, returns a pointer to it -// func NewSSHCertRequestMeta(init ...*SSHCertRequestMeta) *SSHCertRequestMeta { var o *SSHCertRequestMeta if len(init) == 1 { @@ -2045,9 +1781,7 @@ func NewSSHCertRequestMeta(init ...*SSHCertRequestMeta) *SSHCertRequestMeta { type rawSSHCertRequestMeta SSHCertRequestMeta -// // UnmarshalJSON is defined for proper JSON decoding of a SSHCertRequestMeta -// func (self *SSHCertRequestMeta) UnmarshalJSON(b []byte) error { var m rawSSHCertRequestMeta err := json.Unmarshal(b, &m) @@ -2059,9 +1793,7 @@ func (self *SSHCertRequestMeta) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *SSHCertRequestMeta) Validate() error { if self.Requestor == "" { return fmt.Errorf("SSHCertRequestMeta.requestor is missing but is a required field") @@ -2120,9 +1852,7 @@ func (self *SSHCertRequestMeta) Validate() error { return nil } -// // SSHCertRequest - -// type SSHCertRequest struct { // @@ -2141,9 +1871,7 @@ type SSHCertRequest struct { Csr string `json:"csr,omitempty" rdl:"optional"` } -// // NewSSHCertRequest - creates an initialized SSHCertRequest instance, returns a pointer to it -// func NewSSHCertRequest(init ...*SSHCertRequest) *SSHCertRequest { var o *SSHCertRequest if len(init) == 1 { 
@@ -2154,9 +1882,7 @@ func NewSSHCertRequest(init ...*SSHCertRequest) *SSHCertRequest { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *SSHCertRequest) Init() *SSHCertRequest { if self.CertRequestData == nil { self.CertRequestData = NewSSHCertRequestData() @@ -2169,9 +1895,7 @@ func (self *SSHCertRequest) Init() *SSHCertRequest { type rawSSHCertRequest SSHCertRequest -// // UnmarshalJSON is defined for proper JSON decoding of a SSHCertRequest -// func (self *SSHCertRequest) UnmarshalJSON(b []byte) error { var m rawSSHCertRequest err := json.Unmarshal(b, &m) @@ -2183,9 +1907,7 @@ func (self *SSHCertRequest) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *SSHCertRequest) Validate() error { if self.CertRequestData == nil { return fmt.Errorf("SSHCertRequest: Missing required field: certRequestData") @@ -2202,9 +1924,7 @@ func (self *SSHCertRequest) Validate() error { return nil } -// // SSHCertificate - -// type SSHCertificate struct { // @@ -2223,9 +1943,7 @@ type SSHCertificate struct { PrivateKey string `json:"privateKey,omitempty" rdl:"optional"` } -// // NewSSHCertificate - creates an initialized SSHCertificate instance, returns a pointer to it -// func NewSSHCertificate(init ...*SSHCertificate) *SSHCertificate { var o *SSHCertificate if len(init) == 1 { @@ -2238,9 +1956,7 @@ func NewSSHCertificate(init ...*SSHCertificate) *SSHCertificate { type rawSSHCertificate SSHCertificate -// // UnmarshalJSON is defined for proper JSON decoding of a SSHCertificate -// func (self *SSHCertificate) UnmarshalJSON(b []byte) error { var m rawSSHCertificate err := json.Unmarshal(b, &m) 
@@ -2252,9 +1968,7 @@ func (self *SSHCertificate) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *SSHCertificate) Validate() error { if self.Certificate == "" { return fmt.Errorf("SSHCertificate.certificate is missing but is a required field") @@ -2279,9 +1993,7 @@ func (self *SSHCertificate) Validate() error { return nil } -// // SSHCertificates - -// type SSHCertificates struct { // @@ -2295,9 +2007,7 @@ type SSHCertificates struct { CertificateSigner string `json:"certificateSigner,omitempty" rdl:"optional"` } -// // NewSSHCertificates - creates an initialized SSHCertificates instance, returns a pointer to it -// func NewSSHCertificates(init ...*SSHCertificates) *SSHCertificates { var o *SSHCertificates if len(init) == 1 { @@ -2308,9 +2018,7 @@ func NewSSHCertificates(init ...*SSHCertificates) *SSHCertificates { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *SSHCertificates) Init() *SSHCertificates { if self.Certificates == nil { self.Certificates = make([]*SSHCertificate, 0) @@ -2320,9 +2028,7 @@ func (self *SSHCertificates) Init() *SSHCertificates { type rawSSHCertificates SSHCertificates -// // UnmarshalJSON is defined for proper JSON decoding of a SSHCertificates -// func (self *SSHCertificates) UnmarshalJSON(b []byte) error { var m rawSSHCertificates err := json.Unmarshal(b, &m) @@ -2334,9 +2040,7 @@ func (self *SSHCertificates) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *SSHCertificates) Validate() error { if self.Certificates == nil { return fmt.Errorf("SSHCertificates: Missing required field: certificates") @@ -2350,9 +2054,7 @@ func (self *SSHCertificates) Validate() error { return nil } -// // AccessTokenResponse - -// type AccessTokenResponse struct { // 
@@ -2386,9 +2088,7 @@ type AccessTokenResponse struct { Id_token string `json:"id_token,omitempty" rdl:"optional"` } -// // NewAccessTokenResponse - creates an initialized AccessTokenResponse instance, returns a pointer to it -// func NewAccessTokenResponse(init ...*AccessTokenResponse) *AccessTokenResponse { var o *AccessTokenResponse if len(init) == 1 { @@ -2401,9 +2101,7 @@ func NewAccessTokenResponse(init ...*AccessTokenResponse) *AccessTokenResponse { type rawAccessTokenResponse AccessTokenResponse -// // UnmarshalJSON is defined for proper JSON decoding of a AccessTokenResponse -// func (self *AccessTokenResponse) UnmarshalJSON(b []byte) error { var m rawAccessTokenResponse err := json.Unmarshal(b, &m) @@ -2415,9 +2113,7 @@ func (self *AccessTokenResponse) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *AccessTokenResponse) Validate() error { if self.Access_token == "" { return fmt.Errorf("AccessTokenResponse.access_token is missing but is a required field") @@ -2456,9 +2152,7 @@ func (self *AccessTokenResponse) Validate() error { return nil } -// // JWK - -// type JWK struct { // @@ -2507,9 +2201,7 @@ type JWK struct { E string `json:"e,omitempty" rdl:"optional"` } -// // NewJWK - creates an initialized JWK instance, returns a pointer to it -// func NewJWK(init ...*JWK) *JWK { var o *JWK if len(init) == 1 { @@ -2522,9 +2214,7 @@ func NewJWK(init ...*JWK) *JWK { type rawJWK JWK -// // UnmarshalJSON is defined for proper JSON decoding of a JWK -// func (self *JWK) UnmarshalJSON(b []byte) error { var m rawJWK err := json.Unmarshal(b, &m) @@ -2536,9 +2226,7 @@ func (self *JWK) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *JWK) Validate() error { if self.Kty == "" { return fmt.Errorf("JWK.kty is missing but is a required field") 
@@ -2601,9 +2289,7 @@ func (self *JWK) Validate() error { return nil } -// // OpenIDConfig - -// type OpenIDConfig struct { // @@ -2642,9 +2328,7 @@ type OpenIDConfig struct { Claims_supported []string `json:"claims_supported,omitempty" rdl:"optional"` } -// // NewOpenIDConfig - creates an initialized OpenIDConfig instance, returns a pointer to it -// func NewOpenIDConfig(init ...*OpenIDConfig) *OpenIDConfig { var o *OpenIDConfig if len(init) == 1 { @@ -2655,9 +2339,7 @@ func NewOpenIDConfig(init ...*OpenIDConfig) *OpenIDConfig { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *OpenIDConfig) Init() *OpenIDConfig { if self.Response_types_supported == nil { self.Response_types_supported = make([]string, 0) @@ -2673,9 +2355,7 @@ func (self *OpenIDConfig) Init() *OpenIDConfig { type rawOpenIDConfig OpenIDConfig -// // UnmarshalJSON is defined for proper JSON decoding of a OpenIDConfig -// func (self *OpenIDConfig) UnmarshalJSON(b []byte) error { var m rawOpenIDConfig err := json.Unmarshal(b, &m) @@ -2687,9 +2367,7 @@ func (self *OpenIDConfig) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *OpenIDConfig) Validate() error { if self.Issuer == "" { return fmt.Errorf("OpenIDConfig.issuer is missing but is a required field") @@ -2727,9 +2405,7 @@ func (self *OpenIDConfig) Validate() error { return nil } -// // OAuthConfig - -// type OAuthConfig struct { // @@ -2768,9 +2444,7 @@ type OAuthConfig struct { Token_endpoint_auth_signing_alg_values_supported []string `json:"token_endpoint_auth_signing_alg_values_supported"` } -// // NewOAuthConfig - creates an initialized OAuthConfig instance, returns a pointer to it -// func NewOAuthConfig(init ...*OAuthConfig) *OAuthConfig { var o *OAuthConfig if len(init) == 1 { 
@@ -2781,9 +2455,7 @@ func NewOAuthConfig(init ...*OAuthConfig) *OAuthConfig { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *OAuthConfig) Init() *OAuthConfig { if self.Response_types_supported == nil { self.Response_types_supported = make([]string, 0) @@ -2799,9 +2471,7 @@ func (self *OAuthConfig) Init() *OAuthConfig { type rawOAuthConfig OAuthConfig -// // UnmarshalJSON is defined for proper JSON decoding of a OAuthConfig -// func (self *OAuthConfig) UnmarshalJSON(b []byte) error { var m rawOAuthConfig err := json.Unmarshal(b, &m) @@ -2813,9 +2483,7 @@ func (self *OAuthConfig) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *OAuthConfig) Validate() error { if self.Issuer == "" { return fmt.Errorf("OAuthConfig.issuer is missing but is a required field") @@ -2861,9 +2529,7 @@ func (self *OAuthConfig) Validate() error { return nil } -// // JWKList - JSON Web Key (JWK) List -// type JWKList struct { // @@ -2872,9 +2538,7 @@ type JWKList struct { Keys []*JWK `json:"keys"` } -// // NewJWKList - creates an initialized JWKList instance, returns a pointer to it -// func NewJWKList(init ...*JWKList) *JWKList { var o *JWKList if len(init) == 1 { @@ -2885,9 +2549,7 @@ func NewJWKList(init ...*JWKList) *JWKList { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *JWKList) Init() *JWKList { if self.Keys == nil { self.Keys = make([]*JWK, 0) @@ -2897,9 +2559,7 @@ func (self *JWKList) Init() *JWKList { type rawJWKList JWKList -// // UnmarshalJSON is defined for proper JSON decoding of a JWKList -// func (self *JWKList) UnmarshalJSON(b []byte) error { var m rawJWKList err := json.Unmarshal(b, &m) 
@@ -2911,9 +2571,7 @@ func (self *JWKList) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *JWKList) Validate() error { if self.Keys == nil { return fmt.Errorf("JWKList: Missing required field: keys") @@ -2921,21 +2579,15 @@ func (self *JWKList) Validate() error { return nil } -// // AccessTokenRequest - -// type AccessTokenRequest string -// // OIDCResponse - -// type OIDCResponse struct { Location string `json:"location"` } -// // NewOIDCResponse - creates an initialized OIDCResponse instance, returns a pointer to it -// func NewOIDCResponse(init ...*OIDCResponse) *OIDCResponse { var o *OIDCResponse if len(init) == 1 { @@ -2948,9 +2600,7 @@ func NewOIDCResponse(init ...*OIDCResponse) *OIDCResponse { type rawOIDCResponse OIDCResponse -// // UnmarshalJSON is defined for proper JSON decoding of a OIDCResponse -// func (self *OIDCResponse) UnmarshalJSON(b []byte) error { var m rawOIDCResponse err := json.Unmarshal(b, &m) @@ -2962,9 +2612,7 @@ func (self *OIDCResponse) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *OIDCResponse) Validate() error { if self.Location == "" { return fmt.Errorf("OIDCResponse.location is missing but is a required field") @@ -2977,9 +2625,7 @@ func (self *OIDCResponse) Validate() error { return nil } -// // InstanceRegisterInformation - -// type InstanceRegisterInformation struct { // @@ -3051,9 +2697,7 @@ type InstanceRegisterInformation struct { AthenzJWKModified *rdl.Timestamp `json:"athenzJWKModified,omitempty" rdl:"optional"` } -// // NewInstanceRegisterInformation - creates an initialized InstanceRegisterInformation instance, returns a pointer to it -// func NewInstanceRegisterInformation(init ...*InstanceRegisterInformation) *InstanceRegisterInformation { var o *InstanceRegisterInformation if len(init) == 1 { 
@@ -3066,9 +2710,7 @@ func NewInstanceRegisterInformation(init ...*InstanceRegisterInformation) *Insta type rawInstanceRegisterInformation InstanceRegisterInformation -// // UnmarshalJSON is defined for proper JSON decoding of a InstanceRegisterInformation -// func (self *InstanceRegisterInformation) UnmarshalJSON(b []byte) error { var m rawInstanceRegisterInformation err := json.Unmarshal(b, &m) @@ -3080,9 +2722,7 @@ func (self *InstanceRegisterInformation) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *InstanceRegisterInformation) Validate() error { if self.Provider == "" { return fmt.Errorf("InstanceRegisterInformation.provider is missing but is a required field") @@ -3139,9 +2779,7 @@ func (self *InstanceRegisterInformation) Validate() error { return nil } -// // InstanceRefreshInformation - -// type InstanceRefreshInformation struct { // @@ -3198,9 +2836,7 @@ type InstanceRefreshInformation struct { AthenzJWKModified *rdl.Timestamp `json:"athenzJWKModified,omitempty" rdl:"optional"` } -// // NewInstanceRefreshInformation - creates an initialized InstanceRefreshInformation instance, returns a pointer to it -// func NewInstanceRefreshInformation(init ...*InstanceRefreshInformation) *InstanceRefreshInformation { var o *InstanceRefreshInformation if len(init) == 1 { @@ -3213,9 +2849,7 @@ func NewInstanceRefreshInformation(init ...*InstanceRefreshInformation) *Instanc type rawInstanceRefreshInformation InstanceRefreshInformation -// // UnmarshalJSON is defined for proper JSON decoding of a InstanceRefreshInformation -// func (self *InstanceRefreshInformation) UnmarshalJSON(b []byte) error { var m rawInstanceRefreshInformation err := json.Unmarshal(b, &m) 
@@ -3227,9 +2861,7 @@ func (self *InstanceRefreshInformation) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *InstanceRefreshInformation) Validate() error { if self.AttestationData != "" { val := rdl.Validate(ZTSSchema(), "String", self.AttestationData) @@ -3258,9 +2890,7 @@ func (self *InstanceRefreshInformation) Validate() error { return nil } -// // InstanceRegisterToken - -// type InstanceRegisterToken struct { // @@ -3291,9 +2921,7 @@ type InstanceRegisterToken struct { Attributes map[string]string `json:"attributes,omitempty" rdl:"optional"` } -// // NewInstanceRegisterToken - creates an initialized InstanceRegisterToken instance, returns a pointer to it -// func NewInstanceRegisterToken(init ...*InstanceRegisterToken) *InstanceRegisterToken { var o *InstanceRegisterToken if len(init) == 1 { @@ -3306,9 +2934,7 @@ func NewInstanceRegisterToken(init ...*InstanceRegisterToken) *InstanceRegisterT type rawInstanceRegisterToken InstanceRegisterToken -// // UnmarshalJSON is defined for proper JSON decoding of a InstanceRegisterToken -// func (self *InstanceRegisterToken) UnmarshalJSON(b []byte) error { var m rawInstanceRegisterToken err := json.Unmarshal(b, &m) @@ -3320,9 +2946,7 @@ func (self *InstanceRegisterToken) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *InstanceRegisterToken) Validate() error { if self.Provider == "" { return fmt.Errorf("InstanceRegisterToken.provider is missing but is a required field") @@ -3359,9 +2983,7 @@ func (self *InstanceRegisterToken) Validate() error { return nil } -// // AthenzJWKConfig - -// type AthenzJWKConfig struct { // 
@@ -3380,9 +3002,7 @@ type AthenzJWKConfig struct { Modified *rdl.Timestamp `json:"modified,omitempty" rdl:"optional"` } -// // NewAthenzJWKConfig - creates an initialized AthenzJWKConfig instance, returns a pointer to it -// func NewAthenzJWKConfig(init ...*AthenzJWKConfig) *AthenzJWKConfig { var o *AthenzJWKConfig if len(init) == 1 { @@ -3393,9 +3013,7 @@ func NewAthenzJWKConfig(init ...*AthenzJWKConfig) *AthenzJWKConfig { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *AthenzJWKConfig) Init() *AthenzJWKConfig { if self.Zms == nil { self.Zms = NewJWKList() @@ -3408,9 +3026,7 @@ func (self *AthenzJWKConfig) Init() *AthenzJWKConfig { type rawAthenzJWKConfig AthenzJWKConfig -// // UnmarshalJSON is defined for proper JSON decoding of a AthenzJWKConfig -// func (self *AthenzJWKConfig) UnmarshalJSON(b []byte) error { var m rawAthenzJWKConfig err := json.Unmarshal(b, &m) @@ -3422,9 +3038,7 @@ func (self *AthenzJWKConfig) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *AthenzJWKConfig) Validate() error { if self.Zms == nil { return fmt.Errorf("AthenzJWKConfig: Missing required field: zms") @@ -3435,9 +3049,7 @@ func (self *AthenzJWKConfig) Validate() error { return nil } -// // InstanceIdentity - -// type InstanceIdentity struct { // @@ -3491,9 +3103,7 @@ type InstanceIdentity struct { AthenzJWK *AthenzJWKConfig `json:"athenzJWK,omitempty" rdl:"optional"` } -// // NewInstanceIdentity - creates an initialized InstanceIdentity instance, returns a pointer to it -// func NewInstanceIdentity(init ...*InstanceIdentity) *InstanceIdentity { var o *InstanceIdentity if len(init) == 1 { 
@@ -3506,9 +3116,7 @@ func NewInstanceIdentity(init ...*InstanceIdentity) *InstanceIdentity { type rawInstanceIdentity InstanceIdentity -// // UnmarshalJSON is defined for proper JSON decoding of a InstanceIdentity -// func (self *InstanceIdentity) UnmarshalJSON(b []byte) error { var m rawInstanceIdentity err := json.Unmarshal(b, &m) @@ -3520,9 +3128,7 @@ func (self *InstanceIdentity) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *InstanceIdentity) Validate() error { if self.Provider == "" { return fmt.Errorf("InstanceIdentity.provider is missing but is a required field") @@ -3581,9 +3187,7 @@ func (self *InstanceIdentity) Validate() error { return nil } -// // CertificateAuthorityBundle - -// type CertificateAuthorityBundle struct { // @@ -3597,9 +3201,7 @@ type CertificateAuthorityBundle struct { Certs string `json:"certs"` } -// // NewCertificateAuthorityBundle - creates an initialized CertificateAuthorityBundle instance, returns a pointer to it -// func NewCertificateAuthorityBundle(init ...*CertificateAuthorityBundle) *CertificateAuthorityBundle { var o *CertificateAuthorityBundle if len(init) == 1 { @@ -3612,9 +3214,7 @@ func NewCertificateAuthorityBundle(init ...*CertificateAuthorityBundle) *Certifi type rawCertificateAuthorityBundle CertificateAuthorityBundle -// // UnmarshalJSON is defined for proper JSON decoding of a CertificateAuthorityBundle -// func (self *CertificateAuthorityBundle) UnmarshalJSON(b []byte) error { var m rawCertificateAuthorityBundle err := json.Unmarshal(b, &m) @@ -3626,9 +3226,7 @@ func (self *CertificateAuthorityBundle) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *CertificateAuthorityBundle) Validate() error { if self.Name == "" { return fmt.Errorf("CertificateAuthorityBundle.name is missing but is a required field") 
@@ -3649,14 +3247,10 @@ func (self *CertificateAuthorityBundle) Validate() error { return nil } -// // DomainMetricType - zpe metric attributes -// type DomainMetricType int -// // DomainMetricType constants -// const ( _ DomainMetricType = iota ACCESS_ALLOWED @@ -3700,9 +3294,7 @@ var namesDomainMetricType = []string{ LOAD_DOMAIN_GOOD: "LOAD_DOMAIN_GOOD", } -// // NewDomainMetricType - return a string representation of the enum -// func NewDomainMetricType(init ...interface{}) DomainMetricType { if len(init) == 1 { switch v := init[0].(type) { @@ -3725,30 +3317,22 @@ func NewDomainMetricType(init ...interface{}) DomainMetricType { return DomainMetricType(0) //default to the first enum value } -// // String - return a string representation of the enum -// func (e DomainMetricType) String() string { return namesDomainMetricType[e] } -// // SymbolSet - return an array of all valid string representations (symbols) of the enum -// func (e DomainMetricType) SymbolSet() []string { return namesDomainMetricType } -// // MarshalJSON is defined for proper JSON encoding of a DomainMetricType -// func (e DomainMetricType) MarshalJSON() ([]byte, error) { return json.Marshal(e.String()) } -// // UnmarshalJSON is defined for proper JSON decoding of a DomainMetricType -// func (e *DomainMetricType) UnmarshalJSON(b []byte) error { var j string err := json.Unmarshal(b, &j) @@ -3765,17 +3349,13 @@ func (e *DomainMetricType) UnmarshalJSON(b []byte) error { return err } -// // DomainMetric - -// type DomainMetric struct { MetricType DomainMetricType `json:"metricType"` MetricVal int32 `json:"metricVal"` } -// // NewDomainMetric - creates an initialized DomainMetric instance, returns a pointer to it -// func NewDomainMetric(init ...*DomainMetric) *DomainMetric { var o *DomainMetric if len(init) == 1 { 
@@ -3788,9 +3368,7 @@ func NewDomainMetric(init ...*DomainMetric) *DomainMetric { type rawDomainMetric DomainMetric -// // UnmarshalJSON is defined for proper JSON decoding of a DomainMetric -// func (self *DomainMetric) UnmarshalJSON(b []byte) error { var m rawDomainMetric err := json.Unmarshal(b, &m) @@ -3802,16 +3380,12 @@ func (self *DomainMetric) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *DomainMetric) Validate() error { return nil } -// // DomainMetrics - -// type DomainMetrics struct { // @@ -3825,9 +3399,7 @@ type DomainMetrics struct { MetricList []*DomainMetric `json:"metricList"` } -// // NewDomainMetrics - creates an initialized DomainMetrics instance, returns a pointer to it -// func NewDomainMetrics(init ...*DomainMetrics) *DomainMetrics { var o *DomainMetrics if len(init) == 1 { @@ -3838,9 +3410,7 @@ func NewDomainMetrics(init ...*DomainMetrics) *DomainMetrics { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *DomainMetrics) Init() *DomainMetrics { if self.MetricList == nil { self.MetricList = make([]*DomainMetric, 0) @@ -3850,9 +3420,7 @@ func (self *DomainMetrics) Init() *DomainMetrics { type rawDomainMetrics DomainMetrics -// // UnmarshalJSON is defined for proper JSON decoding of a DomainMetrics -// func (self *DomainMetrics) UnmarshalJSON(b []byte) error { var m rawDomainMetrics err := json.Unmarshal(b, &m) @@ -3864,9 +3432,7 @@ func (self *DomainMetrics) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *DomainMetrics) Validate() error { if self.DomainName == "" { return fmt.Errorf("DomainMetrics.domainName is missing but is a required field") @@ -3882,9 +3448,7 @@ func (self *DomainMetrics) Validate() error { return nil } -// // Status - The representation for a status object -// type Status struct { // 
@@ -3898,9 +3462,7 @@ type Status struct { Message string `json:"message"` } -// // NewStatus - creates an initialized Status instance, returns a pointer to it -// func NewStatus(init ...*Status) *Status { var o *Status if len(init) == 1 { @@ -3913,9 +3475,7 @@ func NewStatus(init ...*Status) *Status { type rawStatus Status -// // UnmarshalJSON is defined for proper JSON decoding of a Status -// func (self *Status) UnmarshalJSON(b []byte) error { var m rawStatus err := json.Unmarshal(b, &m) @@ -3927,9 +3487,7 @@ func (self *Status) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Status) Validate() error { if self.Message == "" { return fmt.Errorf("Status.message is missing but is a required field") @@ -3942,9 +3500,7 @@ func (self *Status) Validate() error { return nil } -// // Workload - -// type Workload struct { // @@ -3989,9 +3545,7 @@ type Workload struct { CertExpiryTime rdl.Timestamp `json:"certExpiryTime"` } -// // NewWorkload - creates an initialized Workload instance, returns a pointer to it -// func NewWorkload(init ...*Workload) *Workload { var o *Workload if len(init) == 1 { @@ -4002,9 +3556,7 @@ func NewWorkload(init ...*Workload) *Workload { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *Workload) Init() *Workload { if self.IpAddresses == nil { self.IpAddresses = make([]string, 0) @@ -4014,9 +3566,7 @@ func (self *Workload) Init() *Workload { type rawWorkload Workload -// // UnmarshalJSON is defined for proper JSON decoding of a Workload -// func (self *Workload) UnmarshalJSON(b []byte) error { var m rawWorkload err := json.Unmarshal(b, &m) 
@@ -4028,9 +3578,7 @@ func (self *Workload) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Workload) Validate() error { if self.DomainName == "" { return fmt.Errorf("Workload.domainName is missing but is a required field") @@ -4084,9 +3632,7 @@ func (self *Workload) Validate() error { return nil } -// // Workloads - -// type Workloads struct { // @@ -4095,9 +3641,7 @@ type Workloads struct { WorkloadList []*Workload `json:"workloadList"` } -// // NewWorkloads - creates an initialized Workloads instance, returns a pointer to it -// func NewWorkloads(init ...*Workloads) *Workloads { var o *Workloads if len(init) == 1 { @@ -4108,9 +3652,7 @@ func NewWorkloads(init ...*Workloads) *Workloads { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *Workloads) Init() *Workloads { if self.WorkloadList == nil { self.WorkloadList = make([]*Workload, 0) @@ -4120,9 +3662,7 @@ func (self *Workloads) Init() *Workloads { type rawWorkloads Workloads -// // UnmarshalJSON is defined for proper JSON decoding of a Workloads -// func (self *Workloads) UnmarshalJSON(b []byte) error { var m rawWorkloads err := json.Unmarshal(b, &m) @@ -4134,9 +3674,7 @@ func (self *Workloads) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Workloads) Validate() error { if self.WorkloadList == nil { return fmt.Errorf("Workloads: Missing required field: workloadList") @@ -4144,15 +3682,11 @@ func (self *Workloads) Validate() error { return nil } -// // TransportDirection - Copyright The Athenz Authors Licensed under the terms // of the Apache version 2.0 license. See LICENSE file for terms. -// type TransportDirection int -// // TransportDirection constants -// const ( _ TransportDirection = iota IN 
@@ -4164,9 +3698,7 @@ var namesTransportDirection = []string{ OUT: "OUT", } -// // NewTransportDirection - return a string representation of the enum -// func NewTransportDirection(init ...interface{}) TransportDirection { if len(init) == 1 { switch v := init[0].(type) { @@ -4189,30 +3721,22 @@ func NewTransportDirection(init ...interface{}) TransportDirection { return TransportDirection(0) //default to the first enum value } -// // String - return a string representation of the enum -// func (e TransportDirection) String() string { return namesTransportDirection[e] } -// // SymbolSet - return an array of all valid string representations (symbols) of the enum -// func (e TransportDirection) SymbolSet() []string { return namesTransportDirection } -// // MarshalJSON is defined for proper JSON encoding of a TransportDirection -// func (e TransportDirection) MarshalJSON() ([]byte, error) { return json.Marshal(e.String()) } -// // UnmarshalJSON is defined for proper JSON decoding of a TransportDirection -// func (e *TransportDirection) UnmarshalJSON(b []byte) error { var j string err := json.Unmarshal(b, &j) @@ -4229,9 +3753,7 @@ func (e *TransportDirection) UnmarshalJSON(b []byte) error { return err } -// // TransportRule - -// type TransportRule struct { // @@ -4260,9 +3782,7 @@ type TransportRule struct { Direction TransportDirection `json:"direction"` } -// // NewTransportRule - creates an initialized TransportRule instance, returns a pointer to it -// func NewTransportRule(init ...*TransportRule) *TransportRule { var o *TransportRule if len(init) == 1 { @@ -4275,9 +3795,7 @@ func NewTransportRule(init ...*TransportRule) *TransportRule { type rawTransportRule TransportRule -// // UnmarshalJSON is defined for proper JSON decoding of a TransportRule -// func (self *TransportRule) UnmarshalJSON(b []byte) error { var m rawTransportRule err := json.Unmarshal(b, &m) 
@@ -4289,9 +3807,7 @@ func (self *TransportRule) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *TransportRule) Validate() error { if self.EndPoint == "" { return fmt.Errorf("TransportRule.endPoint is missing but is a required field") @@ -4320,17 +3836,13 @@ func (self *TransportRule) Validate() error { return nil } -// // TransportRules - -// type TransportRules struct { IngressRules []*TransportRule `json:"ingressRules"` EgressRules []*TransportRule `json:"egressRules"` } -// // NewTransportRules - creates an initialized TransportRules instance, returns a pointer to it -// func NewTransportRules(init ...*TransportRules) *TransportRules { var o *TransportRules if len(init) == 1 { @@ -4341,9 +3853,7 @@ func NewTransportRules(init ...*TransportRules) *TransportRules { return o.Init() } -// // Init - sets up the instance according to its default field values, if any -// func (self *TransportRules) Init() *TransportRules { if self.IngressRules == nil { self.IngressRules = make([]*TransportRule, 0) @@ -4356,9 +3866,7 @@ func (self *TransportRules) Init() *TransportRules { type rawTransportRules TransportRules -// // UnmarshalJSON is defined for proper JSON decoding of a TransportRules -// func (self *TransportRules) UnmarshalJSON(b []byte) error { var m rawTransportRules err := json.Unmarshal(b, &m) @@ -4370,9 +3878,7 @@ func (self *TransportRules) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *TransportRules) Validate() error { if self.IngressRules == nil { return fmt.Errorf("TransportRules: Missing required field: ingressRules") @@ -4383,11 +3889,9 @@ func (self *TransportRules) Validate() error { return nil } -// // Info - Copyright Athenz Authors Licensed under the terms of the Apache // version 2.0 license. See LICENSE file for terms. The representation for an // info object -// type Info struct { // 
@@ -4411,9 +3915,7 @@ type Info struct { ImplementationVendor string `json:"implementationVendor,omitempty" rdl:"optional"` } -// // NewInfo - creates an initialized Info instance, returns a pointer to it -// func NewInfo(init ...*Info) *Info { var o *Info if len(init) == 1 { @@ -4426,9 +3928,7 @@ func NewInfo(init ...*Info) *Info { type rawInfo Info -// // UnmarshalJSON is defined for proper JSON decoding of a Info -// func (self *Info) UnmarshalJSON(b []byte) error { var m rawInfo err := json.Unmarshal(b, &m) @@ -4440,9 +3940,7 @@ func (self *Info) UnmarshalJSON(b []byte) error { return err } -// // Validate - checks for missing required fields, etc -// func (self *Info) Validate() error { if self.BuildJdkSpec != "" { val := rdl.Validate(ZTSSchema(), "String", self.BuildJdkSpec) diff --git a/core/zms/src/main/java/com/yahoo/athenz/zms/ZMSSchema.java b/core/zms/src/main/java/com/yahoo/athenz/zms/ZMSSchema.java index eef72c98c58..3ab5afe76b0 100644 --- a/core/zms/src/main/java/com/yahoo/athenz/zms/ZMSSchema.java +++ b/core/zms/src/main/java/com/yahoo/athenz/zms/ZMSSchema.java @@ -973,7 +973,7 @@ private static Schema build() { .comment("Delete expired principals") .queryParam("purgeResources", "purgeResources", "Int32", null, "defining which resources will be purged. by default all resources will be purged") .headerParam("Athenz-Return-Object", "returnObj", "Bool", false, "Return object param updated object back.") - .auth("purge", "sys.auth:role.purge_expired_members") + .auth("delete", "sys.auth:expired_members") .expected("NO_CONTENT") .exception("BAD_REQUEST", "ResourceError", "") diff --git a/core/zms/src/main/rdl/Domain.rdli b/core/zms/src/main/rdl/Domain.rdli index 96e69da8bb4..46c329760b9 100644 --- a/core/zms/src/main/rdl/Domain.rdli +++ b/core/zms/src/main/rdl/Domain.rdli 
@@ -337,7 +337,7 @@ type ExpiredMembers Struct { resource ExpiredMembers DELETE "/expired-members?purgeResources={purgeResources}" { Bool returnObj (optional, default=false, header="Athenz-Return-Object"); //Return object param updated object back. Int32 purgeResources (optional); //defining which resources will be purged. by default all resources will be purged - authorize ("purge", "sys.auth:role.purge_expired_members"); + authorize("delete", "sys.auth:expired_members"); expected NO_CONTENT, OK; exceptions { ResourceError BAD_REQUEST; diff --git a/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiredMembersTest.java b/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiredMembersTest.java index 66946bb84e1..2b55b9d4ade 100644 --- a/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiredMembersTest.java +++ b/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiredMembersTest.java @@ -1,3 +1,19 @@ +/* + * Copyright The Athenz Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package com.yahoo.athenz.zms; import com.yahoo.rdl.Timestamp; diff --git a/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiryMemberTest.java b/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiryMemberTest.java index 75ef5c204a5..6899978d6b0 100644 --- a/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiryMemberTest.java +++ b/core/zms/src/test/java/com/yahoo/athenz/zms/ExpiryMemberTest.java 
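Review bot: The `authorize` line on the `DELETE /expired-members` resource changes both the action and the resource of the access check, from `("purge", "sys.auth:role.purge_expired_members")` to `("delete", "sys.auth:expired_members")`, but the commit title only mentions copyright notices and regenerated code. The same pair is changed in the generated `ZMSSchema.java` (`.auth(...)`) and `ZMSResources.java` (`context.authorize(...)`). A policy assertion written against the old action/resource would presumably stop matching after this change, and any existing grant of `delete` that happens to cover `sys.auth:expired_members` would now authorize the purge; both are worth confirming against deployed policies. I would state the change in the commit description and add a comment above the line, e.g. `// caller needs "delete" on sys.auth:expired_members (previously "purge" on sys.auth:role.purge_expired_members)`. The resource block continues outside the hunk.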
@@ -1,3 +1,19 @@ +/* + * Copyright The Athenz Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package com.yahoo.athenz.zms; import com.yahoo.rdl.Timestamp; diff --git a/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java b/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java index 70addcae02f..c967837f119 100644 --- a/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java +++ b/servers/zms/src/main/java/com/yahoo/athenz/zms/DBService.java @@ -8103,7 +8103,7 @@ public List executeDeleteAllExpiredRoleMemberships(ResourceContext } if (numOfExpiredMembersRetrieved == removedList.size()) { - LOG.info("delete all expired role members done successfully: {} expired role members were deleted", removedList.size()); + LOG.info("delete all expired role members done successfully: {} expired role members were deleted", removedList.size()); } else { LOG.info("delete all expired role members done with errors: {} out of {} expired role members were deleted", removedList.size(), numOfExpiredMembersRetrieved); } diff --git a/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSConsts.java b/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSConsts.java index e1b18bf9fcc..824ecb6a0e9 100644 --- a/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSConsts.java +++ b/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSConsts.java 
@@ -245,7 +245,7 @@ public final class ZMSConsts { public static final String DB_COLUMN_AS_DOMAIN_NAME = "domain_name"; public static final String DB_COLUMN_AS_ROLE_NAME = "role_name"; public static final String DB_COLUMN_AS_GROUP_NAME = "group_name"; - public static final String DB_COLUMN_AS_PRINCIPAL_NAME = "principal_name"; + public static final String DB_COLUMN_AS_PRINCIPAL_NAME = "principal_name"; public static final String DB_COLUMN_SYSTEM_DISABLED = "system_disabled"; public static final String DB_COLUMN_AZURE_SUBSCRIPTION = "azure_subscription"; public static final String DB_COLUMN_BUSINESS_SERVICE = "business_service"; diff --git a/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSResources.java b/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSResources.java index bfa5c4e7e71..898fd838ae3 100644 --- a/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSResources.java +++ b/servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSResources.java @@ -619,7 +619,7 @@ public Response deleteExpiredMembers( ResourceContext context = null; try { context = this.delegate.newResourceContext(this.servletContext, this.request, this.response, "deleteExpiredMembers"); - context.authorize("purge", "sys.auth:role.purge_expired_members", null); + context.authorize("delete", "sys.auth:expired_members", null); return this.delegate.deleteExpiredMembers(context, purgeResources, returnObj); } catch (ResourceException e) { code = e.getCode(); diff --git a/servers/zms/src/main/java/com/yahoo/athenz/zms/purge/PurgeResourcesEnum.java b/servers/zms/src/main/java/com/yahoo/athenz/zms/purge/PurgeResourcesEnum.java index 4c018ae9634..2aa4bb688d1 100644 --- a/servers/zms/src/main/java/com/yahoo/athenz/zms/purge/PurgeResourcesEnum.java +++ b/servers/zms/src/main/java/com/yahoo/athenz/zms/purge/PurgeResourcesEnum.java 
@@ -1,3 +1,21 @@ +/* + * + * * Copyright The Athenz Authors + * * + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * + */ + package com.yahoo.athenz.zms.purge; import org.apache.commons.lang3.EnumUtils; diff --git a/servers/zms/src/main/java/com/yahoo/athenz/zms/store/impl/jdbc/JDBCConnection.java b/servers/zms/src/main/java/com/yahoo/athenz/zms/store/impl/jdbc/JDBCConnection.java index bbdb0ff5fa2..d281d3bf47b 100644 --- a/servers/zms/src/main/java/com/yahoo/athenz/zms/store/impl/jdbc/JDBCConnection.java +++ b/servers/zms/src/main/java/com/yahoo/athenz/zms/store/impl/jdbc/JDBCConnection.java 
@@ -151,7 +151,7 @@ public class JDBCConnection implements ObjectStoreConnection { private static final String SQL_INSERT_PENDING_ROLE_MEMBER = "INSERT INTO pending_role_member " + "(role_id, principal_id, expiration, review_reminder, audit_ref, req_principal) VALUES (?,?,?,?,?,?);"; private static final String SQL_DELETE_ROLE_MEMBER = "DELETE FROM role_member WHERE role_id=? AND principal_id=?;"; - private static final String SQL_DELETE_EXPIRED_ROLE_MEMBER = "DELETE FROM role_member WHERE role_id=? AND principal_id=? AND ? >= expiration;"; + private static final String SQL_DELETE_EXPIRED_ROLE_MEMBER = "DELETE FROM role_member WHERE role_id=? AND principal_id=? AND ? = expiration;"; private static final String SQL_DELETE_PENDING_ROLE_MEMBER = "DELETE FROM pending_role_member WHERE role_id=? AND principal_id=?;"; private static final String SQL_UPDATE_ROLE_MEMBER = "UPDATE role_member " + "SET expiration=?, review_reminder=?, active=?, audit_ref=?, req_principal=? WHERE role_id=? AND principal_id=?;"; 
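Review bot: `SQL_DELETE_EXPIRED_ROLE_MEMBER` now matches only when the bound value equals the stored column exactly (`? = expiration` instead of `? >= expiration`), so the delete affects zero rows whenever the two timestamps differ at all, for instance if sub-second precision is lost between the read and the bind. `SQL_DELETE_EXPIRED_GROUP_MEMBER` in the next hunk gets the same change. If the intent is to skip a membership whose expiration was extended between the listing query and the delete, say so next to the constant, e.g. `// equality on purpose: only delete the row whose expiration is the one the listing query returned`. It is also worth confirming, in the code that binds the parameter (outside this hunk), that the value round-trips at the column's precision, since otherwise expired members would stay in the table without any error. The behavioural change is not mentioned in the commit description.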
@@ -477,7 +477,7 @@ public class JDBCConnection implements ObjectStoreConnection { private static final String SQL_INSERT_PENDING_GROUP_MEMBER = "INSERT INTO pending_principal_group_member " + "(group_id, principal_id, expiration, audit_ref, req_principal) VALUES (?,?,?,?,?);"; private static final String SQL_DELETE_GROUP_MEMBER = "DELETE FROM principal_group_member WHERE group_id=? AND principal_id=?;"; - private static final String SQL_DELETE_EXPIRED_GROUP_MEMBER = "DELETE FROM principal_group_member WHERE group_id=? AND principal_id=? AND ? >= expiration;"; + private static final String SQL_DELETE_EXPIRED_GROUP_MEMBER = "DELETE FROM principal_group_member WHERE group_id=? AND principal_id=? AND ? = expiration;"; private static final String SQL_DELETE_PENDING_GROUP_MEMBER = "DELETE FROM pending_principal_group_member WHERE group_id=? AND principal_id=?;"; private static final String SQL_INSERT_GROUP_AUDIT_LOG = "INSERT INTO principal_group_audit_log " + "(group_id, admin, member, action, audit_ref) VALUES (?,?,?,?,?);"; @@ -6955,7 +6955,6 @@ public List listDomainDependencies(String service) { @Override public List getAllExpiredRoleMembers(int limit, int offset) { final String caller = "getAllExpiredRoleMembers"; - List members = new ArrayList<>(); try (PreparedStatement ps = con.prepareStatement(GET_ALL_EXPIRED_ROLE_MEMBERS)) { ps.setInt(1, DELAY_PURGE_EXPIRED_MEMBERS_DAYS_DEFAULT); @@ -6980,8 +6979,6 @@ public List getAllExpiredRoleMembers(int limit, int offset) { @Override public List getAllExpiredGroupMembers(int limit, int offset) { final String caller = "getAllExpiredGroupMembers"; - -// List members = new ArrayList<>(); List members = new ArrayList<>(); try (PreparedStatement ps = con.prepareStatement(GET_ALL_EXPIRED_GROUP_MEMBERS)) { ps.setInt(1, DELAY_PURGE_EXPIRED_MEMBERS_DAYS_DEFAULT);