ACL機能

api.go

@@ -21,6 +21,9 @@ type API interface {
 	List(ctx context.Context) (*ListSitesResult, error)
 	Read(ctx context.Context, id string) (*Site, error)
 	Update(ctx context.Context, id string, param *UpdateSiteRequest) (*Site, error)
+	ReadACL(ctx context.Context, id string) (*ACLResult, error)
+	UpsertACL(ctx context.Context, id string, acl string) (*ACLResult, error)
+	DeleteACL(ctx context.Context, id string) error
 	ReadCertificate(ctx context.Context, id string) (*Certificates, error)
 	CreateCertificate(ctx context.Context, id string, param *CreateOrUpdateCertificateRequest) (*Certificates, error)
 	UpdateCertificate(ctx context.Context, id string, param *CreateOrUpdateCertificateRequest) (*Certificates, error)

op.go

@@ -112,6 +112,63 @@ func (o *Op) Update(ctx context.Context, id string, param *UpdateSiteRequest) (*
 	return results.Site, nil
 }
 
+// ReadACL サイトのACL取得
+func (o *Op) ReadACL(ctx context.Context, id string) (*ACLResult, error) {
+	url := o.Client.RootURL() + fmt.Sprintf("site/%s/acl", id)
+
+	// build request body
+	var body interface{}
+
+	// do request
+	data, err := o.Client.Do(ctx, "GET", url, body)
+	if err != nil {
+		return nil, err
+	}
+
+	// build results
+	var result ACLResult
+	if err := json.Unmarshal(data, &result); err != nil {
+		return nil, err
+	}
+	return &result, nil
+}
+
+// UpsertACL サイトのACLの登録/更新
+func (o *Op) UpsertACL(ctx context.Context, id string, acl string) (*ACLResult, error) {
+	url := o.Client.RootURL() + fmt.Sprintf("site/%s/acl", id)
+
+	// build request body
+	type upsertACLRequest struct {
+		ACL string `validate:"required"`
+	}
+	body := &upsertACLRequest{ACL: acl}
+
+	// do request
+	data, err := o.Client.Do(ctx, "PUT", url, body)
+	if err != nil {
+		return nil, err
+	}
+
+	// build results
+	var result ACLResult
+	if err := json.Unmarshal(data, &result); err != nil {
+		return nil, err
+	}
+	return &result, nil
+}
+
+// DeleteACL サイトのACLの削除
+func (o *Op) DeleteACL(ctx context.Context, id string) error {
+	url := o.Client.RootURL() + fmt.Sprintf("site/%s/acl", id)
+
+	// build request body
+	var body interface{}
+
+	// do request
+	_, err := o.Client.Do(ctx, "DELETE", url, body)
+	return err
+}
+
 // ReadCertificate サイト証明書の参照
 func (o *Op) ReadCertificate(ctx context.Context, id string) (*Certificates, error) {
 	url := o.Client.RootURL() + fmt.Sprintf("site/%s/certificate", id)

op_test.go

@@ -100,6 +100,45 @@ func TestOp_Update(t *testing.T) {
 	require.Equal(t, updated.DefaultCacheTTL, 0)
 }
 
+func TestWebAccelOp_ACL(t *testing.T) {
+	checkEnv(t, "SAKURACLOUD_WEBACCEL_SITE_ID")
+
+	client := testClient()
+	siteId := os.Getenv("SAKURACLOUD_WEBACCEL_SITE_ID")
+	ctx := context.Background()
+
+	t.Run("create ACL", func(t *testing.T) {
+		acl := "deny 192.0.2.5/25\ndeny 198.51.100.0\nallow all"
+		result, err := client.UpsertACL(ctx, siteId, acl)
+
+		require.NoError(t, err)
+		require.Equal(t, acl, result.ACL)
+	})
+	t.Run("read ACL", func(t *testing.T) {
+		acl := "deny 192.0.2.5/25\ndeny 198.51.100.0\nallow all"
+		result, err := client.ReadACL(ctx, siteId)
+
+		require.NoError(t, err)
+		require.Equal(t, acl, result.ACL)
+	})
+	t.Run("update ACL", func(t *testing.T) {
+		acl := "allow 192.0.2.5/25\nallow 198.51.100.0\ndeny all"
+		result, err := client.UpsertACL(ctx, siteId, acl)
+
+		require.NoError(t, err)
+		require.Equal(t, acl, result.ACL)
+	})
+	t.Run("delete ACL", func(t *testing.T) {
+		if err := client.DeleteACL(ctx, siteId); err != nil {
+			t.Fatal("got unexpected error", err)
+		}
+
+		result, err := client.ReadACL(ctx, siteId)
+		require.NoError(t, err)
+		require.Empty(t, result.ACL)
+	})
+}
+
 func TestWebAccelOp_Cert(t *testing.T) {
 	envKeys := []string{
 		"SAKURACLOUD_WEBACCEL_SITE_ID",

parameter.go

@@ -72,3 +72,7 @@ type UpdateSiteRequest struct {
 	AccessKeyID     string `json:",omitempty"`
 	SecretAccessKey string `json:",omitempty"`
 }
+
+type ACLResult struct {
+	ACL string
+}