diff --git a/api.go b/api.go index 3c219c8..4c6de70 100644 --- a/api.go +++ b/api.go @@ -21,6 +21,9 @@ type API interface { List(ctx context.Context) (*ListSitesResult, error) Read(ctx context.Context, id string) (*Site, error) Update(ctx context.Context, id string, param *UpdateSiteRequest) (*Site, error) + ReadACL(ctx context.Context, id string) (*ACLResult, error) + UpsertACL(ctx context.Context, id string, acl string) (*ACLResult, error) + DeleteACL(ctx context.Context, id string) error ReadCertificate(ctx context.Context, id string) (*Certificates, error) CreateCertificate(ctx context.Context, id string, param *CreateOrUpdateCertificateRequest) (*Certificates, error) UpdateCertificate(ctx context.Context, id string, param *CreateOrUpdateCertificateRequest) (*Certificates, error) diff --git a/op.go b/op.go index ddceaf8..bc0e6cd 100644 --- a/op.go +++ b/op.go @@ -112,6 +112,63 @@ func (o *Op) Update(ctx context.Context, id string, param *UpdateSiteRequest) (* return results.Site, nil } +// ReadACL サイトのACL取得 +func (o *Op) ReadACL(ctx context.Context, id string) (*ACLResult, error) { + url := o.Client.RootURL() + fmt.Sprintf("site/%s/acl", id) + + // build request body + var body interface{} + + // do request + data, err := o.Client.Do(ctx, "GET", url, body) + if err != nil { + return nil, err + } + + // build results + var result ACLResult + if err := json.Unmarshal(data, &result); err != nil { + return nil, err + } + return &result, nil +} + +// UpsertACL サイトのACLの登録/更新 +func (o *Op) UpsertACL(ctx context.Context, id string, acl string) (*ACLResult, error) { + url := o.Client.RootURL() + fmt.Sprintf("site/%s/acl", id) + + // build request body + type upsertACLRequest struct { + ACL string `validate:"required"` + } + body := &upsertACLRequest{ACL: acl} + + // do request + data, err := o.Client.Do(ctx, "PUT", url, body) + if err != nil { + return nil, err + } + + // build results + var result ACLResult + if err := json.Unmarshal(data, &result); err != nil { + return nil, err + } + return &result, nil +} + +// DeleteACL サイトのACLの削除 +func (o *Op) DeleteACL(ctx context.Context, id string) error { + url := o.Client.RootURL() + fmt.Sprintf("site/%s/acl", id) + + // build request body + var body interface{} + + // do request + _, err := o.Client.Do(ctx, "DELETE", url, body) + return err +} + // ReadCertificate サイト証明書の参照 func (o *Op) ReadCertificate(ctx context.Context, id string) (*Certificates, error) { url := o.Client.RootURL() + fmt.Sprintf("site/%s/certificate", id) diff --git a/op_test.go b/op_test.go index 9fc9873..7f2b7f5 100644 --- a/op_test.go +++ b/op_test.go @@ -100,6 +100,45 @@ func TestOp_Update(t *testing.T) { require.Equal(t, updated.DefaultCacheTTL, 0) } +func TestWebAccelOp_ACL(t *testing.T) { + checkEnv(t, "SAKURACLOUD_WEBACCEL_SITE_ID") + + client := testClient() + siteId := os.Getenv("SAKURACLOUD_WEBACCEL_SITE_ID") + ctx := context.Background() + + t.Run("create ACL", func(t *testing.T) { + acl := "deny 192.0.2.5/25\ndeny 198.51.100.0\nallow all" + result, err := client.UpsertACL(ctx, siteId, acl) + + require.NoError(t, err) + require.Equal(t, acl, result.ACL) + }) + t.Run("read ACL", func(t *testing.T) { + acl := "deny 192.0.2.5/25\ndeny 198.51.100.0\nallow all" + result, err := client.ReadACL(ctx, siteId) + + require.NoError(t, err) + require.Equal(t, acl, result.ACL) + }) + t.Run("update ACL", func(t *testing.T) { + acl := "allow 192.0.2.5/25\nallow 198.51.100.0\ndeny all" + result, err := client.UpsertACL(ctx, siteId, acl) + + require.NoError(t, err) + require.Equal(t, acl, result.ACL) + }) + t.Run("delete ACL", func(t *testing.T) { + if err := client.DeleteACL(ctx, siteId); err != nil { + t.Fatal("got unexpected error", err) + } + + result, err := client.ReadACL(ctx, siteId) + require.NoError(t, err) + require.Empty(t, result.ACL) + }) +} + func TestWebAccelOp_Cert(t *testing.T) { envKeys := []string{ "SAKURACLOUD_WEBACCEL_SITE_ID", diff --git a/parameter.go b/parameter.go index 8366d8a..02c252c 100644 --- a/parameter.go +++ b/parameter.go @@ -72,3 +72,7 @@ type UpdateSiteRequest struct { AccessKeyID string `json:",omitempty"` SecretAccessKey string `json:",omitempty"` } + +type ACLResult struct { + ACL string +}