AUTH-5428 added tags to access namespace

cloudflare · Sep 14, 2023 · 220ddf1 · 220ddf1
1 parent f968533
commit 220ddf1
Show file tree

Hide file tree

Showing 5 changed files with 299 additions and 3 deletions.
diff --git a/.changelog/1402.txt b/.changelog/1402.txt
@@ -0,0 +1,7 @@
+```release-note:enhancement
+access_application: Add support for tags
+```
+
+```release-note:enhancement
+access_tag: Add support for tags
+```
diff --git a/access_application.go b/access_application.go
@@ -53,6 +53,7 @@ type AccessApplication struct {
 	ServiceAuth401Redirect   *bool                          `json:"service_auth_401_redirect,omitempty"`
 	PathCookieAttribute      *bool                          `json:"path_cookie_attribute,omitempty"`
 	CustomPages              []string                       `json:"custom_pages,omitempty"`
+	Tags                     []string                       `json:"tags,omitempty"`
 }
 
 type AccessApplicationGatewayRule struct {
@@ -144,6 +145,7 @@ type CreateAccessApplicationParams struct {
 	SkipInterstitial         *bool                          `json:"skip_interstitial,omitempty"`
 	Type                     AccessApplicationType          `json:"type,omitempty"`
 	CustomPages              []string                       `json:"custom_pages,omitempty"`
+	Tags                     []string                       `json:"tags,omitempty"`
 }
 
 type UpdateAccessApplicationParams struct {
@@ -172,6 +174,7 @@ type UpdateAccessApplicationParams struct {
 	SkipInterstitial         *bool                          `json:"skip_interstitial,omitempty"`
 	Type                     AccessApplicationType          `json:"type,omitempty"`
 	CustomPages              []string                       `json:"custom_pages,omitempty"`
+	Tags                     []string                       `json:"tags,omitempty"`
 }
 
 // ListAccessApplications returns all applications within an account or zone.

diff --git a/access_application_test.go b/access_application_test.go
@@ -48,7 +48,8 @@ func TestAccessApplications(t *testing.T) {
 					"app_launcher_visible": true,
 					"service_auth_401_redirect": true,
 					"path_cookie_attribute": true,
-					"custom_pages": ["480f4f69-1a28-4fdd-9240-1ed29f0ac1dc"]
+					"custom_pages": ["480f4f69-1a28-4fdd-9240-1ed29f0ac1dc"],
+					"tags": ["engineers"]
 				}
 			],
 			"result_info": {
@@ -86,6 +87,7 @@ func TestAccessApplications(t *testing.T) {
 		SkipInterstitial:         BoolPtr(true),
 		PathCookieAttribute:      BoolPtr(true),
 		CustomPages:              []string{"480f4f69-1a28-4fdd-9240-1ed29f0ac1dc"},
+		Tags:                     []string{"engineers"},
 		CustomNonIdentityDenyURL: "https://blocked.com",
 	}}
 
@@ -218,7 +220,8 @@ func TestCreateAccessApplications(t *testing.T) {
 				"logo_url": "https://www.example.com/example.png",
 				"skip_interstitial": true,
 				"app_launcher_visible": true,
-				"service_auth_401_redirect": true
+				"service_auth_401_redirect": true,
+				"tags": ["engineers"]
 			}
 		}
 		`)
@@ -246,6 +249,7 @@ func TestCreateAccessApplications(t *testing.T) {
 		CreatedAt:                &createdAt,
 		UpdatedAt:                &updatedAt,
 		CustomNonIdentityDenyURL: "https://blocked.com",
+		Tags:                     []string{"engineers"},
 	}
 
 	mux.HandleFunc("/accounts/"+testAccountID+"/access/apps", handler)
@@ -303,7 +307,8 @@ func TestUpdateAccessApplication(t *testing.T) {
 				"logo_url": "https://www.example.com/example.png",
 				"skip_interstitial": true,
 				"app_launcher_visible": true,
-				"service_auth_401_redirect": true
+				"service_auth_401_redirect": true,
+				"tags": ["engineers"]
 			}
 		}
 		`)
@@ -326,6 +331,7 @@ func TestUpdateAccessApplication(t *testing.T) {
 		CustomDenyURL:            "https://www.example.com",
 		LogoURL:                  "https://www.example.com/example.png",
 		CustomNonIdentityDenyURL: "https://blocked.com",
+		Tags:                     []string{"engineers"},
 		SkipInterstitial:         BoolPtr(true),
 		CreatedAt:                &createdAt,
 		UpdatedAt:                &updatedAt,
@@ -349,6 +355,7 @@ func TestUpdateAccessApplication(t *testing.T) {
 		LogoURL:                  "https://www.example.com/example.png",
 		SkipInterstitial:         BoolPtr(true),
 		CustomNonIdentityDenyURL: "https://blocked.com",
+		Tags:                     []string{"engineers"},
 	}
 
 	mux.HandleFunc("/accounts/"+testAccountID+"/access/apps/480f4f69-1a28-4fdd-9240-1ed29f0ac1db", handler)
@@ -634,6 +641,7 @@ func TestCreateSaasAccessApplications(t *testing.T) {
 				"app_launcher_visible": true,
 				"service_auth_401_redirect": true,
 				"custom_non_identity_deny_url": "https://blocked.com",
+				"tags": ["engineers"],
 				"saas_app": {
 					"consumer_service_url": "https://saas.example.com",
 					"sp_entity_id": "dash.example.com",
@@ -716,6 +724,7 @@ func TestCreateSaasAccessApplications(t *testing.T) {
 		CreatedAt:                &createdAt,
 		UpdatedAt:                &updatedAt,
 		CustomNonIdentityDenyURL: "https://blocked.com",
+		Tags:                     []string{"engineers"},
 	}
 
 	mux.HandleFunc("/accounts/"+testAccountID+"/access/apps", handler)

diff --git a/access_tag.go b/access_tag.go
@@ -0,0 +1,108 @@
+package cloudflare
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	"github.com/goccy/go-json"
+)
+
+type AccessTag struct {
+	Name     string `json:"name,omitempty"`
+	AppCount int    `json:"app_count,omitempty"`
+}
+
+type AccessTagListResponse struct {
+	Response
+	Result     []AccessTag `json:"result"`
+	ResultInfo `json:"result_info"`
+}
+
+type AccessTagResponse struct {
+	Response
+	Result AccessTag `json:"result"`
+}
+
+type ListAccessTagsParams struct{}
+
+type CreateAccessTagParams struct {
+	Name string `json:"name,omitempty"`
+}
+
+type UpdateAccessTagParams struct {
+	Name string `json:"name,omitempty"`
+}
+
+func (api *API) ListAccessTags(ctx context.Context, rc *ResourceContainer, params ListAccessTagsParams) ([]AccessTag, error) {
+	uri := buildURI(fmt.Sprintf("/%s/%s/access/tags", rc.Level, rc.Identifier), params)
+	res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
+	if err != nil {
+		return []AccessTag{}, err
+	}
+
+	var TagsResponse AccessTagListResponse
+	err = json.Unmarshal(res, &TagsResponse)
+	if err != nil {
+		return []AccessTag{}, err
+	}
+	return TagsResponse.Result, nil
+}
+
+func (api *API) GetAccessTag(ctx context.Context, rc *ResourceContainer, tagName string) (AccessTag, error) {
+	uri := fmt.Sprintf("/%s/%s/access/tags/%s", rc.Level, rc.Identifier, tagName)
+	res, err := api.makeRequestContext(ctx, http.MethodGet, uri, nil)
+	if err != nil {
+		return AccessTag{}, err
+	}
+
+	var TagResponse AccessTagResponse
+	err = json.Unmarshal(res, &TagResponse)
+	if err != nil {
+		return AccessTag{}, err
+	}
+	return TagResponse.Result, nil
+}
+
+func (api *API) CreateAccessTag(ctx context.Context, rc *ResourceContainer, params CreateAccessTagParams) (AccessTag, error) {
+	uri := fmt.Sprintf("/%s/%s/access/tags", rc.Level, rc.Identifier)
+	res, err := api.makeRequestContext(ctx, http.MethodPost, uri, params)
+	if err != nil {
+		return AccessTag{}, err
+	}
+
+	var TagResponse AccessTagResponse
+	err = json.Unmarshal(res, &TagResponse)
+	if err != nil {
+		return AccessTag{}, err
+	}
+	return TagResponse.Result, nil
+}
+
+func (api *API) DeleteAccessTag(ctx context.Context, rc *ResourceContainer, tagName string) error {
+	uri := fmt.Sprintf("/%s/%s/access/tags/%s", rc.Level, rc.Identifier, tagName)
+	_, err := api.makeRequestContext(ctx, http.MethodDelete, uri, nil)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (api *API) UpdateAccessTag(ctx context.Context, rc *ResourceContainer, params UpdateAccessTagParams) (AccessTag, error) {
+	if params.Name == "" {
+		return AccessTag{}, ErrMissingName
+	}
+
+	uri := fmt.Sprintf("/%s/%s/access/tags/%s", rc.Level, rc.Identifier, params.Name)
+	res, err := api.makeRequestContext(ctx, http.MethodPut, uri, params)
+	if err != nil {
+		return AccessTag{}, err
+	}
+
+	var TagResponse AccessTagResponse
+	err = json.Unmarshal(res, &TagResponse)
+	if err != nil {
+		return AccessTag{}, err
+	}
+	return TagResponse.Result, nil
+}
diff --git a/access_tag_test.go b/access_tag_test.go
@@ -0,0 +1,169 @@
+package cloudflare
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestAccessTags(t *testing.T) {
+	setup()
+	defer teardown()
+
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		assert.Equal(t, r.Method, http.MethodGet, "HTTP method")
+		w.Header().Set("content-type", "application/json")
+		fmt.Fprintf(w, `{
+			"success": true,
+			"errors": [],
+			"messages": [],
+			"result": [
+				{
+					"name": "engineers",
+					"app_count": 0
+				}
+			],
+			"result_info": {
+				"page": 1,
+				"per_page": 20,
+				"count": 1,
+				"total_count": 1
+			}
+		}`)
+	}
+
+	want := []AccessTag{
+		{
+			Name:     "engineers",
+			AppCount: 0,
+		},
+	}
+	mux.HandleFunc("/accounts/"+testAccountID+"/access/tags", handler)
+	actual, err := client.ListAccessTags(context.Background(), AccountIdentifier(testAccountID), ListAccessTagsParams{})
+
+	if assert.NoError(t, err) {
+		assert.Equal(t, want, actual)
+	}
+}
+
+func TestAccessTag(t *testing.T) {
+	setup()
+	defer teardown()
+
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		assert.Equal(t, r.Method, http.MethodGet, "HTTP method")
+		w.Header().Set("Content-Type", "application/json")
+		fmt.Fprintf(w, `{
+			"success": true,
+			"errors": [],
+			"messages": [],
+			"result": {
+				"name": "engineers",
+				"app_count": 0
+			}
+		}`)
+	}
+
+	want := AccessTag{
+		Name:     "engineers",
+		AppCount: 0,
+	}
+	mux.HandleFunc("/accounts/"+testAccountID+"/access/tags/engineers", handler)
+	actual, err := client.GetAccessTag(context.Background(), AccountIdentifier(testAccountID), "engineers")
+
+	if assert.NoError(t, err) {
+		assert.Equal(t, want, actual)
+	}
+}
+
+func TestCreateAccessTag(t *testing.T) {
+	setup()
+	defer teardown()
+
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		assert.Equal(t, r.Method, http.MethodPost, "HTTP method")
+		w.Header().Set("Content-Type", "application/json")
+		fmt.Fprintf(w, `{
+			"success": true,
+			"errors": [],
+			"messages": [],
+			"result": {
+				"name": "sales",
+				"app_count": 0
+			}
+		}`)
+	}
+
+	Tag := AccessTag{
+		Name:     "sales",
+		AppCount: 0,
+	}
+
+	mux.HandleFunc("/accounts/"+testAccountID+"/access/tags", handler)
+	actual, err := client.CreateAccessTag(context.Background(), AccountIdentifier(testAccountID), CreateAccessTagParams{
+		Name: "sales",
+	})
+
+	if assert.NoError(t, err) {
+		assert.Equal(t, Tag, actual)
+	}
+}
+
+func TestUpdateAccessTag(t *testing.T) {
+	setup()
+	defer teardown()
+
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		assert.Equal(t, r.Method, http.MethodPut, "HTTP method")
+		w.Header().Set("Content-Type", "application/json")
+		fmt.Fprintf(w, `{
+			"success": true,
+			"errors": [],
+			"messages": [],
+			"result": {
+				"name": "sales",
+				"app_count": 0
+			}
+		}`)
+	}
+
+	Tag := AccessTag{
+		Name:     "sales",
+		AppCount: 0,
+	}
+
+	mux.HandleFunc("/accounts/"+testAccountID+"/access/tags/sales", handler)
+	actual, err := client.UpdateAccessTag(context.Background(), AccountIdentifier(testAccountID), UpdateAccessTagParams{
+		Name: "sales",
+	})
+
+	if assert.NoError(t, err) {
+		assert.Equal(t, Tag, actual)
+	}
+}
+
+func TestDeleteAccessTag(t *testing.T) {
+	setup()
+	defer teardown()
+
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		assert.Equal(t, r.Method, http.MethodDelete, "HTTP method")
+		w.Header().Set("Content-Type", "application/json")
+		fmt.Fprintf(w, `{
+			"success": true,
+			"errors": [],
+			"messages": [],
+			result: {
+				"id": "engineers"
+			}
+		}`)
+	}
+
+	mux.HandleFunc("/accounts/"+testAccountID+"/access/tags/engineers", handler)
+	err := client.DeleteAccessTag(context.Background(), AccountIdentifier(testAccountID), "engineers")
+
+	assert.NoError(t, err)
+}