auto-remove expired principals from roles/groups

Signed-off-by: mshneorson <[email protected]>
AthenZ · Aug 29, 2022 · fa717c6 · fa717c6
1 parent aa6842e
commit fa717c6
Show file tree

Hide file tree

Showing 24 changed files with 1,737 additions and 294 deletions.
diff --git a/clients/go/zms/client.go b/clients/go/zms/client.go
@@ -827,21 +827,31 @@ func (client ZMSClient) GetAuthHistoryDependencies(domainName DomainName) (*Auth
 	}
 }
 
-func (client ZMSClient) DeleteExpiredMembers(purgeResources *int32) error {
+func (client ZMSClient) DeleteExpiredMembers(purgeResources *int32, returnObj *bool) (*ExpiredMembers, error) {
+	var data *ExpiredMembers
+	headers := map[string]string{
+		"Athenz-Return-Object": strconv.FormatBool(*returnObj),
+	}
 	url := client.URL + "/expired-members" + encodeParams(encodeOptionalInt32Param("purgeResources", purgeResources))
-	resp, err := client.httpDelete(url, nil)
+	resp, err := client.httpDelete(url, headers)
 	if err != nil {
-		return err
+		return data, err
 	}
 	defer resp.Body.Close()
 	switch resp.StatusCode {
-	case 204:
-		return nil
+	case 204, 200:
+		if 204 != resp.StatusCode {
+			err = json.NewDecoder(resp.Body).Decode(&data)
+			if err != nil {
+				return data, err
+			}
+		}
+		return data, nil
 	default:
 		var errobj rdl.ResourceError
 		contentBytes, err := ioutil.ReadAll(resp.Body)
 		if err != nil {
-			return err
+			return data, err
 		}
 		json.Unmarshal(contentBytes, &errobj)
 		if errobj.Code == 0 {
@@ -850,7 +860,7 @@ func (client ZMSClient) DeleteExpiredMembers(purgeResources *int32) error {
 		if errobj.Message == "" {
 			errobj.Message = string(contentBytes)
 		}
-		return errobj
+		return data, errobj
 	}
 }