Merge branch '840-user-admin-orgs' into 2.x

Author: twoseat

cloudfoundry-operations/src/main/java/org/cloudfoundry/operations/useradmin/DefaultUserAdmin.java

@@ -20,11 +20,20 @@
 import org.cloudfoundry.client.v2.ClientV2Exception;
 import org.cloudfoundry.client.v2.featureflags.GetFeatureFlagRequest;
 import org.cloudfoundry.client.v2.featureflags.GetFeatureFlagResponse;
+import org.cloudfoundry.client.v2.organizations.AssociateOrganizationAuditorByUsernameRequest;
+import org.cloudfoundry.client.v2.organizations.AssociateOrganizationBillingManagerByUsernameRequest;
+import org.cloudfoundry.client.v2.organizations.AssociateOrganizationManagerByUsernameRequest;
 import org.cloudfoundry.client.v2.organizations.AssociateOrganizationUserByUsernameRequest;
 import org.cloudfoundry.client.v2.organizations.AssociateOrganizationUserByUsernameResponse;
+import org.cloudfoundry.client.v2.organizations.ListOrganizationAuditorsRequest;
+import org.cloudfoundry.client.v2.organizations.ListOrganizationBillingManagersRequest;
+import org.cloudfoundry.client.v2.organizations.ListOrganizationManagersRequest;
 import org.cloudfoundry.client.v2.organizations.ListOrganizationSpacesRequest;
 import org.cloudfoundry.client.v2.organizations.ListOrganizationsRequest;
 import org.cloudfoundry.client.v2.organizations.OrganizationResource;
+import org.cloudfoundry.client.v2.organizations.RemoveOrganizationAuditorByUsernameRequest;
+import org.cloudfoundry.client.v2.organizations.RemoveOrganizationBillingManagerByUsernameRequest;
+import org.cloudfoundry.client.v2.organizations.RemoveOrganizationManagerByUsernameRequest;
 import org.cloudfoundry.client.v2.spaces.AssociateSpaceAuditorByUsernameRequest;
 import org.cloudfoundry.client.v2.spaces.AssociateSpaceDeveloperByUsernameRequest;
 import org.cloudfoundry.client.v2.spaces.AssociateSpaceManagerByUsernameRequest;
@@ -100,6 +109,23 @@ public Mono<Void> delete(DeleteUserRequest request) {
             .checkpoint();
     }
 
+    @Override
+    public Mono<OrganizationUsers> listOrganizationUsers(ListOrganizationUsersRequest request) {
+        return this.cloudFoundryClient
+            .then(cloudFoundryClient -> Mono.when(
+                Mono.just(cloudFoundryClient),
+                getOrganizationId(cloudFoundryClient, request.getOrganizationName())
+            ))
+            .then(function((cloudFoundryClient, organizationId) -> Mono.when(
+                listOrganizationAuditorNames(cloudFoundryClient, organizationId),
+                listOrganizationBillingManagerNames(cloudFoundryClient, organizationId),
+                listOrganizationManagerNames(cloudFoundryClient, organizationId)
+            )))
+            .then(function(this::toOrganizationUsers))
+            .transform(OperationsLogging.log("List Organization Users"))
+            .checkpoint();
+    }
+
     @Override
     public Mono<SpaceUsers> listSpaceUsers(ListSpaceUsersRequest request) {
         return this.cloudFoundryClient
@@ -121,6 +147,27 @@ public Mono<SpaceUsers> listSpaceUsers(ListSpaceUsersRequest request) {
             .checkpoint();
     }
 
+    @Override
+    public Mono<Void> setOrganizationRole(SetOrganizationRoleRequest request) {
+        return this.cloudFoundryClient
+            .then(cloudFoundryClient -> Mono.when(
+                Mono.just(cloudFoundryClient),
+                getFeatureFlagEnabled(cloudFoundryClient, SET_ROLES_BY_USERNAME_FEATURE_FLAG)
+            ))
+            .filter(predicate((cloudFoundryClient, setRolesByUsernameEnabled) -> setRolesByUsernameEnabled))
+            .switchIfEmpty(ExceptionUtils.illegalState("Setting roles by username is not enabled"))
+            .then(function((cloudFoundryClient, ignore) -> Mono.when(
+                Mono.just(cloudFoundryClient),
+                getOrganizationId(cloudFoundryClient, request.getOrganizationName()))
+            ))
+            .then(function((cloudFoundryClient, organizationId) -> Mono.when(
+                requestAssociateOrganizationUserByUsername(cloudFoundryClient, organizationId, request),
+                associateOrganizationRole(cloudFoundryClient, organizationId, request))
+            ))
+            .transform(OperationsLogging.log("Set User Organization Role"))
+            .then();
+    }
+
     @Override
     public Mono<Void> setSpaceRole(SetSpaceRoleRequest request) {
         return this.cloudFoundryClient
@@ -149,6 +196,24 @@ public Mono<Void> setSpaceRole(SetSpaceRoleRequest request) {
             .then();
     }
 
+    @Override
+    public Mono<Void> unsetOrganizationRole(UnsetOrganizationRoleRequest request) {
+        return this.cloudFoundryClient
+            .then(cloudFoundryClient -> Mono.when(
+                Mono.just(cloudFoundryClient),
+                getFeatureFlagEnabled(cloudFoundryClient, UNSET_ROLES_BY_USERNAME_FEATURE_FLAG)
+            ))
+            .filter(predicate((cloudFoundryClient, setRolesByUsernameEnabled) -> setRolesByUsernameEnabled))
+            .switchIfEmpty(ExceptionUtils.illegalState("Unsetting roles by username is not enabled"))
+            .then(function((cloudFoundryClient, ignore) -> Mono.when(
+                Mono.just(cloudFoundryClient),
+                getOrganizationId(cloudFoundryClient, request.getOrganizationName()))
+            ))
+            .then(function((cloudFoundryClient, organizationId) -> removeOrganizationRole(cloudFoundryClient, organizationId, request)))
+            .transform(OperationsLogging.log("Unset User Organization Role"))
+            .then();
+    }
+
     @Override
     public Mono<Void> unsetSpaceRole(UnsetSpaceRoleRequest request) {
         return this.cloudFoundryClient
@@ -171,6 +236,37 @@ public Mono<Void> unsetSpaceRole(UnsetSpaceRoleRequest request) {
             .then();
     }
 
+    private static Mono<Void> associateOrganizationRole(CloudFoundryClient cloudFoundryClient, String organizationId, SetOrganizationRoleRequest request) {
+        if (OrganizationRole.AUDITOR == request.getOrganizationRole()) {
+            return cloudFoundryClient.organizations()
+                .associateAuditorByUsername(AssociateOrganizationAuditorByUsernameRequest.builder()
+                    .organizationId(organizationId)
+                    .username(request.getUsername())
+                    .build())
+                .then();
+        }
+
+        if (OrganizationRole.BILLING_MANAGER == request.getOrganizationRole()) {
+            return cloudFoundryClient.organizations()
+                .associateBillingManagerByUsername(AssociateOrganizationBillingManagerByUsernameRequest.builder()
+                    .organizationId(organizationId)
+                    .username(request.getUsername())
+                    .build())
+                .then();
+        }
+
+        if (OrganizationRole.MANAGER == request.getOrganizationRole()) {
+            return cloudFoundryClient.organizations()
+                .associateManagerByUsername(AssociateOrganizationManagerByUsernameRequest.builder()
+                    .organizationId(organizationId)
+                    .username(request.getUsername())
+                    .build())
+                .then();
+        }
+
+        return ExceptionUtils.illegalArgument("Unknown organization role specified");
+    }
+
     private static Mono<AssociateOrganizationUserByUsernameResponse> associateOrganizationRole(CloudFoundryClient cloudFoundryClient, String username, String organizationId) {
         return cloudFoundryClient.organizations()
             .associateUserByUsername(AssociateOrganizationUserByUsernameRequest.builder()
@@ -253,6 +349,24 @@ private static Mono<String> getUserId(UaaClient uaaClient, String username) {
             .map(User::getId);
     }
 
+    private static Mono<List<String>> listOrganizationAuditorNames(CloudFoundryClient cloudFoundryClient, String organizationId) {
+        return requestListOrganizationAuditors(cloudFoundryClient, organizationId)
+            .map(resource -> ResourceUtils.getEntity(resource).getUsername())
+            .collectList();
+    }
+
+    private static Mono<List<String>> listOrganizationBillingManagerNames(CloudFoundryClient cloudFoundryClient, String organizationId) {
+        return requestListOrganizationBillingManagers(cloudFoundryClient, organizationId)
+            .map(resource -> ResourceUtils.getEntity(resource).getUsername())
+            .collectList();
+    }
+
+    private static Mono<List<String>> listOrganizationManagerNames(CloudFoundryClient cloudFoundryClient, String organizationId) {
+        return requestListOrganizationManagers(cloudFoundryClient, organizationId)
+            .map(resource -> ResourceUtils.getEntity(resource).getUsername())
+            .collectList();
+    }
+
     private static Mono<List<String>> listSpaceAuditorNames(CloudFoundryClient cloudFoundryClient, String spaceId) {
         return requestListSpaceAuditors(cloudFoundryClient, spaceId)
             .map(resource -> ResourceUtils.getEntity(resource).getUsername())
@@ -271,6 +385,37 @@ private static Mono<List<String>> listSpaceManagerNames(CloudFoundryClient cloud
             .collectList();
     }
 
+    private static Mono<Void> removeOrganizationRole(CloudFoundryClient cloudFoundryClient, String organizationId, UnsetOrganizationRoleRequest request) {
+        if (OrganizationRole.AUDITOR == request.getOrganizationRole()) {
+            return cloudFoundryClient.organizations()
+                .removeAuditorByUsername(RemoveOrganizationAuditorByUsernameRequest.builder()
+                    .organizationId(organizationId)
+                    .username(request.getUsername())
+                    .build())
+                .then();
+        }
+
+        if (OrganizationRole.BILLING_MANAGER == request.getOrganizationRole()) {
+            return cloudFoundryClient.organizations()
+                .removeBillingManagerByUsername(RemoveOrganizationBillingManagerByUsernameRequest.builder()
+                    .organizationId(organizationId)
+                    .username(request.getUsername())
+                    .build())
+                .then();
+        }
+
+        if (OrganizationRole.MANAGER == request.getOrganizationRole()) {
+            return cloudFoundryClient.organizations()
+                .removeManagerByUsername(RemoveOrganizationManagerByUsernameRequest.builder()
+                    .organizationId(organizationId)
+                    .username(request.getUsername())
+                    .build())
+                .then();
+        }
+
+        return ExceptionUtils.illegalArgument("Unknown organization role specified");
+    }
+
     private static Mono<Void> removeSpaceRole(CloudFoundryClient cloudFoundryClient, UnsetSpaceRoleRequest request, String spaceId) {
         if (SpaceRole.AUDITOR == request.getSpaceRole()) {
             return cloudFoundryClient.spaces()
@@ -302,6 +447,15 @@ private static Mono<Void> removeSpaceRole(CloudFoundryClient cloudFoundryClient,
         return ExceptionUtils.illegalArgument("Unknown space role specified");
     }
 
+    private static Mono<AssociateOrganizationUserByUsernameResponse> requestAssociateOrganizationUserByUsername(CloudFoundryClient cloudFoundryClient, String organizationId,
+                                                                                                                SetOrganizationRoleRequest request) {
+        return cloudFoundryClient.organizations()
+            .associateUserByUsername(AssociateOrganizationUserByUsernameRequest.builder()
+                .organizationId(organizationId)
+                .username(request.getUsername())
+                .build());
+    }
+
     private static Mono<CreateUserResponse> requestCreateUaaUser(UaaClient uaaClient, CreateUserRequest request) {
         return uaaClient.users()
             .create(org.cloudfoundry.uaa.users.CreateUserRequest.builder()
@@ -347,6 +501,30 @@ private static Mono<GetFeatureFlagResponse> requestGetFeatureFlag(CloudFoundryCl
                 .build());
     }
 
+    private static Flux<UserResource> requestListOrganizationAuditors(CloudFoundryClient cloudFoundryClient, String organizationId) {
+        return PaginationUtils.requestClientV2Resources(page -> cloudFoundryClient.organizations()
+            .listAuditors(ListOrganizationAuditorsRequest.builder()
+                .organizationId(organizationId)
+                .page(page)
+                .build()));
+    }
+
+    private static Flux<UserResource> requestListOrganizationBillingManagers(CloudFoundryClient cloudFoundryClient, String organizationId) {
+        return PaginationUtils.requestClientV2Resources(page -> cloudFoundryClient.organizations()
+            .listBillingManagers(ListOrganizationBillingManagersRequest.builder()
+                .organizationId(organizationId)
+                .page(page)
+                .build()));
+    }
+
+    private static Flux<UserResource> requestListOrganizationManagers(CloudFoundryClient cloudFoundryClient, String organizationId) {
+        return PaginationUtils.requestClientV2Resources(page -> cloudFoundryClient.organizations()
+            .listManagers(ListOrganizationManagersRequest.builder()
+                .organizationId(organizationId)
+                .page(page)
+                .build()));
+    }
+
     private static Flux<OrganizationResource> requestListOrganizations(CloudFoundryClient cloudFoundryClient, String organizationName) {
         return PaginationUtils.requestClientV2Resources(page -> cloudFoundryClient.organizations()
             .list(ListOrganizationsRequest.builder()
@@ -388,6 +566,14 @@ private static Flux<SpaceResource> requestListSpaces(CloudFoundryClient cloudFou
                 .build()));
     }
 
+    private Mono<OrganizationUsers> toOrganizationUsers(List<String> auditors, List<String> billingManagers, List<String> managers) {
+        return Mono.just(OrganizationUsers.builder()
+            .addAllAuditors(auditors)
+            .addAllBillingManagers(billingManagers)
+            .addAllManagers(managers)
+            .build());
+    }
+
     private Mono<SpaceUsers> toSpaceUsers(List<String> auditors, List<String> developers, List<String> managers) {
         return Mono.just(SpaceUsers.builder()
             .addAllAuditors(auditors)

cloudfoundry-operations/src/main/java/org/cloudfoundry/operations/useradmin/OrganizationRole.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2013-2018 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.cloudfoundry.operations.useradmin;
+
+/**
+ * The organization roles of users
+ */
+public enum OrganizationRole {
+
+    /**
+     * User is an Auditor for the organization
+     */
+    AUDITOR,
+
+    /**
+     * User is a Billing Manager for the organization
+     */
+    BILLING_MANAGER,
+
+    /**
+     * User is a Manager for the organization
+     */
+    MANAGER
+
+}

cloudfoundry-operations/src/main/java/org/cloudfoundry/operations/useradmin/UserAdmin.java

@@ -39,6 +39,14 @@ public interface UserAdmin {
      */
     Mono<Void> delete(DeleteUserRequest request);
 
+    /**
+     * List organization users
+     *
+     * @param request the list organization users request
+     * @return the Organization Users
+     */
+    Mono<OrganizationUsers> listOrganizationUsers(ListOrganizationUsersRequest request);
+
     /**
      * List space users
      *
@@ -47,6 +55,14 @@ public interface UserAdmin {
      */
     Mono<SpaceUsers> listSpaceUsers(ListSpaceUsersRequest request);
 
+    /**
+     * Assign an organization role to a user
+     *
+     * @param request the set organization user request
+     * @return completion indicator
+     */
+    Mono<Void> setOrganizationRole(SetOrganizationRoleRequest request);
+
     /**
      * Assign a space role to a user
      *
@@ -55,6 +71,14 @@ public interface UserAdmin {
      */
     Mono<Void> setSpaceRole(SetSpaceRoleRequest request);
 
+    /**
+     * Remove an organization role from a user
+     *
+     * @param request the unset organization user request
+     * @return completion indicator
+     */
+    Mono<Void> unsetOrganizationRole(UnsetOrganizationRoleRequest request);
+
     /**
      * Remove a space role from a user
      *

cloudfoundry-operations/src/main/java/org/cloudfoundry/operations/useradmin/_ListOrganizationUsersRequest.java

@@ -0,0 +1,32 @@
+/*
+ * Copyright 2013-2018 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.cloudfoundry.operations.useradmin;
+
+import org.immutables.value.Value;
+
+/**
+ * The request options for the list organization users operation
+ */
+@Value.Immutable
+abstract class _ListOrganizationUsersRequest {
+
+    /**
+     * Organization name to list
+     */
+    abstract String getOrganizationName();
+
+}