deployer account broker

deployer-account-broker.go

package main

import (
	"context"
	"errors"
	"fmt"

	"code.cloudfoundry.org/lager"
	"github.com/cloudfoundry-community/go-cfclient"
	"github.com/pivotal-cf/brokerapi"
	uaa "github.com/pivotalservices/go-uaac"
)

type User struct {
	ID       string `json:"id,omitempty"`
	UserName string `json:"userName,omitempty"`
	Password string `json:"password,omitempty"`
	Active   bool   `json:"active,omitempty"`
	Zone     string `json:"zone,omitempty"`
}

type DeployerAccountBroker struct {
	uaaClient uaa.Client
	cfClient  cfclient.Client
	logger    lager.Logger
}

func (b *DeployerAccountBroker) Services(context context.Context) []brokerapi.Service {
	return []brokerapi.Service{{
		ID:   "964bd86d-72fa-4852-957f-e4cd802de34b",
		Name: "deployer-account",
		Plans: []brokerapi.ServicePlan{{
			ID:   "074e652b-b77b-4ac3-8d5b-52144486b1a3",
			Name: "deployer-account",
		}},
	}}
}

func (b *DeployerAccountBroker) Provision(context context.Context, instanceID string, details brokerapi.ProvisionDetails, asyncAllowed bool) (brokerapi.ProvisionedServiceSpec, error) {
	userID, err := b.provisionUser(instanceID)
	if err != nil {
		return brokerapi.ProvisionedServiceSpec{}, err
	}

	err = b.setRole(instanceID, userID)
	if err != nil {
		return brokerapi.ProvisionedServiceSpec{}, err
	}

	return brokerapi.ProvisionedServiceSpec{IsAsync: asyncAllowed}, nil
}

func (b *DeployerAccountBroker) provisionUser(userID string) (string, error) {
	b.logger.Info("create-user", lager.Data{"user": "user"})
	req := b.uaaClient.NewRequest("PUT", "/Users")
	user := User{
		UserName: userID,
		Password: "password",
		Zone:     "zone",
	}
	req.SetPayload(user)
	err := b.uaaClient.ExecuteAndUnmarshall(req, &user)
	if err != nil {
		return "", err
	}
	return user.ID, nil
}

func (b *DeployerAccountBroker) deprovisionUser(userID string) error {
	b.logger.Info("create-user", lager.Data{"user": "user"})
	req := b.uaaClient.NewRequest("PATCH", fmt.Sprintf("/Users/%s", userID))
	user := User{
		ID:     userID,
		Active: false,
	}
	req.SetPayload(user)
	_, err := b.uaaClient.ExecuteRequest(req)
	return err
}

func (b *DeployerAccountBroker) setRole(instanceID, userID string) error {
	b.logger.Info("set-role", lager.Data{"id": userID})
	req := b.cfClient.NewRequest("PUT", fmt.Sprintf("/v2/spaces/%s/developers/%s", instanceID, userID))
	resp, err := b.cfClient.DoRequest(req)
	if err != nil {
		return err
	}
	if resp.StatusCode != 201 {
		return fmt.Errorf("Expected status 201; got: %d", resp.StatusCode)
	}
	return nil
}

func (b *DeployerAccountBroker) Deprovision(context context.Context, instanceID string, details brokerapi.DeprovisionDetails, asyncAllowed bool) (brokerapi.DeprovisionServiceSpec, error) {
	err := b.deprovisionUser(instanceID)
	if err != nil {
		return brokerapi.DeprovisionServiceSpec{}, err
	}
	return brokerapi.DeprovisionServiceSpec{IsAsync: asyncAllowed}, nil
}

func (b *DeployerAccountBroker) Bind(context context.Context, instanceID, bindingID string, details brokerapi.BindDetails) (brokerapi.Binding, error) {
	return brokerapi.Binding{
		Credentials: map[string]string{
			"username": instanceID,
			"password": "password",
		},
	}, nil
}

func (b *DeployerAccountBroker) Unbind(context context.Context, instanceID, bindingID string, details brokerapi.UnbindDetails) error {
	return nil
}

func (b *DeployerAccountBroker) Update(context context.Context, instanceID string, details brokerapi.UpdateDetails, asyncAllowed bool) (brokerapi.UpdateServiceSpec, error) {
	return brokerapi.UpdateServiceSpec{}, errors.New("Broker does not support update")
}

func (b *DeployerAccountBroker) LastOperation(context context.Context, instanceID, operationData string) (brokerapi.LastOperation, error) {
	return brokerapi.LastOperation{}, errors.New("TODO")
}