Merge pull request #805 from openziti/organizations

Organizations (MVP) (#537
openziti · Dec 12, 2024 · f406c8c · f406c8c
2 parents f86546b + 5c29a65
commit f406c8c
Show file tree

Hide file tree

Showing 128 changed files with 16,506 additions and 555 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,10 @@
 
 ## v0.4.45
 
+FEATURE: Minimal support for "organizations". Site admin API endpoints provided to create, list, and delete "organizations". Site admin API endpoints provided to add, list, and remove "organization members" (zrok accounts) with the ability to mark accounts as a "organization admin". API endpoints provided for organization admins to list the members of their organizations, and to also see the overview (environments, shares, and accesses) for any account in their organization. API endpoint for end users to see which organizations their account is a member of (https://github.com/openziti/zrok/issues/537) 
+
+CHANGE: briefly mention the backend modes that apply to public and private share concepts
+
 FIX: Update indirect dependency `github.com/golang-jwt/jwt/v4` to version `v4.5.1` (https://github.com/openziti/zrok/issues/794)
 
 FIX: Document unique names
@@ -12,7 +16,6 @@ FIX: Docker reserved private share startup error (https://github.com/openziti/zr
 
 FIX: Correct the download URL for the armv7 Linux release (https://github.com/openziti/zrok/issues/782)
 
-CHANGE: briefly mention the backend modes that apply to public and private share concepts
 
 ## v0.4.44
 

diff --git a/cmd/zrok/adminCreateOrgMember.go b/cmd/zrok/adminCreateOrgMember.go
@@ -0,0 +1,54 @@
+package main
+
+import (
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/rest_client_zrok/admin"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	adminCreateCmd.AddCommand(newAdminCreateOrgMemberCommand().cmd)
+}
+
+type adminCreateOrgMemberCommand struct {
+	cmd   *cobra.Command
+	admin bool
+}
+
+func newAdminCreateOrgMemberCommand() *adminCreateOrgMemberCommand {
+	cmd := &cobra.Command{
+		Use:     "org-member <organizationToken> <accountEmail>",
+		Aliases: []string{"member"},
+		Short:   "Add an account to an organization",
+		Args:    cobra.ExactArgs(2),
+	}
+	command := &adminCreateOrgMemberCommand{cmd: cmd}
+	cmd.Flags().BoolVar(&command.admin, "admin", false, "Make the new account an admin of the organization")
+	cmd.Run = command.run
+	return command
+}
+
+func (cmd *adminCreateOrgMemberCommand) run(_ *cobra.Command, args []string) {
+	env, err := environment.LoadRoot()
+	if err != nil {
+		panic(err)
+	}
+
+	zrok, err := env.Client()
+	if err != nil {
+		panic(err)
+	}
+
+	req := admin.NewAddOrganizationMemberParams()
+	req.Body.Token = args[0]
+	req.Body.Email = args[1]
+	req.Body.Admin = cmd.admin
+
+	_, err = zrok.Admin.AddOrganizationMember(req, mustGetAdminAuth())
+	if err != nil {
+		panic(err)
+	}
+
+	logrus.Infof("added '%v' to organization '%v", args[0], args[1])
+}
diff --git a/cmd/zrok/adminCreateOrganization.go b/cmd/zrok/adminCreateOrganization.go
@@ -0,0 +1,52 @@
+package main
+
+import (
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/rest_client_zrok/admin"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	adminCreateCmd.AddCommand(newAdminCreateOrganizationCommand().cmd)
+}
+
+type adminCreateOrganizationCommand struct {
+	cmd         *cobra.Command
+	description string
+}
+
+func newAdminCreateOrganizationCommand() *adminCreateOrganizationCommand {
+	cmd := &cobra.Command{
+		Use:     "organization",
+		Aliases: []string{"org"},
+		Short:   "Create a new organization",
+		Args:    cobra.NoArgs,
+	}
+	command := &adminCreateOrganizationCommand{cmd: cmd}
+	cmd.Flags().StringVarP(&command.description, "description", "d", "", "Organization description")
+	cmd.Run = command.run
+	return command
+}
+
+func (cmd *adminCreateOrganizationCommand) run(_ *cobra.Command, _ []string) {
+	env, err := environment.LoadRoot()
+	if err != nil {
+		panic(err)
+	}
+
+	zrok, err := env.Client()
+	if err != nil {
+		panic(err)
+	}
+
+	req := admin.NewCreateOrganizationParams()
+	req.Body = admin.CreateOrganizationBody{Description: cmd.description}
+
+	resp, err := zrok.Admin.CreateOrganization(req, mustGetAdminAuth())
+	if err != nil {
+		panic(err)
+	}
+
+	logrus.Infof("created new organization with token '%v'", resp.Payload.Token)
+}
diff --git a/cmd/zrok/adminDeleteOrgMember.go b/cmd/zrok/adminDeleteOrgMember.go
@@ -0,0 +1,51 @@
+package main
+
+import (
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/rest_client_zrok/admin"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	adminDeleteCmd.AddCommand(newAdminDeleteOrgMemberCommand().cmd)
+}
+
+type adminDeleteOrgMemberCommand struct {
+	cmd *cobra.Command
+}
+
+func newAdminDeleteOrgMemberCommand() *adminDeleteOrgMemberCommand {
+	cmd := &cobra.Command{
+		Use:     "org-member <organizationToken> <accountEmail>",
+		Aliases: []string{"member"},
+		Short:   "Remove an account from an organization",
+		Args:    cobra.ExactArgs(2),
+	}
+	command := &adminDeleteOrgMemberCommand{cmd: cmd}
+	cmd.Run = command.run
+	return command
+}
+
+func (cmd *adminDeleteOrgMemberCommand) run(_ *cobra.Command, args []string) {
+	env, err := environment.LoadRoot()
+	if err != nil {
+		panic(err)
+	}
+
+	zrok, err := env.Client()
+	if err != nil {
+		panic(err)
+	}
+
+	req := admin.NewRemoveOrganizationMemberParams()
+	req.Body.Token = args[0]
+	req.Body.Email = args[1]
+
+	_, err = zrok.Admin.RemoveOrganizationMember(req, mustGetAdminAuth())
+	if err != nil {
+		panic(err)
+	}
+
+	logrus.Infof("removed '%v' from organization '%v", args[0], args[1])
+}
diff --git a/cmd/zrok/adminDeleteOrganization.go b/cmd/zrok/adminDeleteOrganization.go
@@ -0,0 +1,50 @@
+package main
+
+import (
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/rest_client_zrok/admin"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	adminDeleteCmd.AddCommand(newAdminDeleteOrganizationCommand().cmd)
+}
+
+type adminDeleteOrganizationCommand struct {
+	cmd *cobra.Command
+}
+
+func newAdminDeleteOrganizationCommand() *adminDeleteOrganizationCommand {
+	cmd := &cobra.Command{
+		Use:     "organization <organizationToken>",
+		Aliases: []string{"org"},
+		Short:   "Delete an organization",
+		Args:    cobra.ExactArgs(1),
+	}
+	command := &adminDeleteOrganizationCommand{cmd: cmd}
+	cmd.Run = command.run
+	return command
+}
+
+func (cmd *adminDeleteOrganizationCommand) run(_ *cobra.Command, args []string) {
+	env, err := environment.LoadRoot()
+	if err != nil {
+		panic(err)
+	}
+
+	zrok, err := env.Client()
+	if err != nil {
+		panic(err)
+	}
+
+	req := admin.NewDeleteOrganizationParams()
+	req.Body.Token = args[0]
+
+	_, err = zrok.Admin.DeleteOrganization(req, mustGetAdminAuth())
+	if err != nil {
+		panic(err)
+	}
+
+	logrus.Infof("deleted organization with token '%v'", args[0])
+}
diff --git a/cmd/zrok/adminListOrgMembers.go b/cmd/zrok/adminListOrgMembers.go
@@ -0,0 +1,61 @@
+package main
+
+import (
+	"fmt"
+	"github.com/jedib0t/go-pretty/v6/table"
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/rest_client_zrok/admin"
+	"github.com/spf13/cobra"
+	"os"
+)
+
+func init() {
+	adminListCmd.AddCommand(newAdminListOrgMembersCommand().cmd)
+}
+
+type adminListOrgMembersCommand struct {
+	cmd *cobra.Command
+}
+
+func newAdminListOrgMembersCommand() *adminListOrgMembersCommand {
+	cmd := &cobra.Command{
+		Use:     "org-members <organizationToken>",
+		Aliases: []string{"members"},
+		Short:   "List the members of the specified organization",
+		Args:    cobra.ExactArgs(1),
+	}
+	command := &adminListOrgMembersCommand{cmd: cmd}
+	cmd.Run = command.run
+	return command
+}
+
+func (cmd *adminListOrgMembersCommand) run(_ *cobra.Command, args []string) {
+	env, err := environment.LoadRoot()
+	if err != nil {
+		panic(err)
+	}
+
+	zrok, err := env.Client()
+	if err != nil {
+		panic(err)
+	}
+
+	req := admin.NewListOrganizationMembersParams()
+	req.Body.Token = args[0]
+
+	resp, err := zrok.Admin.ListOrganizationMembers(req, mustGetAdminAuth())
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Println()
+	t := table.NewWriter()
+	t.SetOutputMirror(os.Stdout)
+	t.SetStyle(table.StyleColoredDark)
+	t.AppendHeader(table.Row{"Account Email", "Admin?"})
+	for _, member := range resp.Payload.Members {
+		t.AppendRow(table.Row{member.Email, member.Admin})
+	}
+	t.Render()
+	fmt.Println()
+}
diff --git a/cmd/zrok/adminListOrganizations.go b/cmd/zrok/adminListOrganizations.go
@@ -0,0 +1,59 @@
+package main
+
+import (
+	"fmt"
+	"github.com/jedib0t/go-pretty/v6/table"
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/rest_client_zrok/admin"
+	"github.com/spf13/cobra"
+	"os"
+)
+
+func init() {
+	adminListCmd.AddCommand(newAdminListOrganizationsCommand().cmd)
+}
+
+type adminListOrganizationsCommand struct {
+	cmd *cobra.Command
+}
+
+func newAdminListOrganizationsCommand() *adminListOrganizationsCommand {
+	cmd := &cobra.Command{
+		Use:     "organizations",
+		Aliases: []string{"orgs"},
+		Short:   "List all organizations",
+		Args:    cobra.NoArgs,
+	}
+	command := &adminListOrganizationsCommand{cmd}
+	cmd.Run = command.run
+	return command
+}
+
+func (c *adminListOrganizationsCommand) run(_ *cobra.Command, _ []string) {
+	env, err := environment.LoadRoot()
+	if err != nil {
+		panic(err)
+	}
+
+	zrok, err := env.Client()
+	if err != nil {
+		panic(err)
+	}
+
+	req := admin.NewListOrganizationsParams()
+	resp, err := zrok.Admin.ListOrganizations(req, mustGetAdminAuth())
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Println()
+	t := table.NewWriter()
+	t.SetOutputMirror(os.Stdout)
+	t.SetStyle(table.StyleColoredDark)
+	t.AppendHeader(table.Row{"Organization Token", "Description"})
+	for _, org := range resp.Payload.Organizations {
+		t.AppendRow(table.Row{org.Token, org.Description})
+	}
+	t.Render()
+	fmt.Println()
+}
diff --git a/cmd/zrok/main.go b/cmd/zrok/main.go
@@ -28,6 +28,8 @@ func init() {
 	rootCmd.AddCommand(adminCmd)
 	rootCmd.AddCommand(configCmd)
 	rootCmd.AddCommand(modifyCmd)
+	organizationCmd.AddCommand(organizationAdminCmd)
+	rootCmd.AddCommand(organizationCmd)
 	rootCmd.AddCommand(shareCmd)
 	rootCmd.AddCommand(testCmd)
 	rootCmd.AddCommand(gendoc.NewGendocCmd(rootCmd))
@@ -94,6 +96,17 @@ var modifyCmd = &cobra.Command{
 	Short:   "Modify resources",
 }
 
+var organizationAdminCmd = &cobra.Command{
+	Use:   "admin",
+	Short: "Organization admin commands",
+}
+
+var organizationCmd = &cobra.Command{
+	Use:     "organization",
+	Aliases: []string{"org"},
+	Short:   "Organization commands",
+}
+
 var shareCmd = &cobra.Command{
 	Use:   "share",
 	Short: "Create backend access for shares",