Fix member role assignments.

Role assignments can't be updated, only added and removed.

pkg/api/organizationapi/member_update_role_assignments.go → pkg/api/organizationapi/member_role_assignments_add.go

@@ -26,14 +26,14 @@ import (
 	"github.com/elastic/cloud-sdk-go/pkg/multierror"
 )
 
-type UpdateMemberRoleAssignmentsParams struct {
+type AddRoleAssignmentsParams struct {
 	*api.API
 
 	UserID          string
 	RoleAssignments models.RoleAssignments
 }
 
-func (params UpdateMemberRoleAssignmentsParams) Validate() error {
+func (params AddRoleAssignmentsParams) Validate() error {
 	var merr = multierror.NewPrefixed("invalid user params")
 	if params.API == nil {
 		merr = merr.Append(apierror.ErrMissingAPI)
@@ -44,7 +44,7 @@ func (params UpdateMemberRoleAssignmentsParams) Validate() error {
 	return merr.ErrorOrNil()
 }
 
-func UpdateMemberRoleAssignments(params UpdateMemberRoleAssignmentsParams) (*models.EmptyResponse, error) {
+func AddRoleAssignments(params AddRoleAssignmentsParams) (*models.EmptyResponse, error) {
 	if err := params.Validate(); err != nil {
 		return nil, err
 	}

pkg/api/organizationapi/member_update_role_assignments_test.go → pkg/api/organizationapi/member_role_assignments_add_test.go

@@ -26,10 +26,10 @@ import (
 	"testing"
 )
 
-func TestUpdateMemberRoleAssignments(t *testing.T) {
+func TestAddRoleAssignments(t *testing.T) {
 	tests := []struct {
 		name   string
-		params UpdateMemberRoleAssignmentsParams
+		params AddRoleAssignmentsParams
 		want   models.EmptyResponse
 		err    string
 	}{
@@ -39,7 +39,7 @@ func TestUpdateMemberRoleAssignments(t *testing.T) {
 		},
 		{
 			name: "handles successful response",
-			params: UpdateMemberRoleAssignmentsParams{
+			params: AddRoleAssignmentsParams{
 				API: api.NewMock(
 					mock.New200ResponseAssertion(
 						&mock.RequestAssertion{
@@ -66,7 +66,7 @@ func TestUpdateMemberRoleAssignments(t *testing.T) {
 		},
 		{
 			name: "handles failure response",
-			params: UpdateMemberRoleAssignmentsParams{
+			params: AddRoleAssignmentsParams{
 				API: api.NewMock(
 					mock.NewErrorResponse(404, mock.APIError{
 						Code:    "user.not_found",
@@ -88,7 +88,7 @@ func TestUpdateMemberRoleAssignments(t *testing.T) {
 	}
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
-			got, err := UpdateMemberRoleAssignments(test.params)
+			got, err := AddRoleAssignments(test.params)
 			if err != nil && !assert.EqualError(t, err, test.err) {
 				t.Error(err)
 			}

pkg/api/organizationapi/member_role_assignments_remove.go

@@ -0,0 +1,63 @@
+// Licensed to Elasticsearch B.V. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. Elasticsearch B.V. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package organizationapi
+
+import (
+	"errors"
+	"github.com/elastic/cloud-sdk-go/pkg/api"
+	"github.com/elastic/cloud-sdk-go/pkg/api/apierror"
+	"github.com/elastic/cloud-sdk-go/pkg/client/user_role_assignments"
+	"github.com/elastic/cloud-sdk-go/pkg/models"
+	"github.com/elastic/cloud-sdk-go/pkg/multierror"
+)
+
+type RemoveRoleAssignmentsParams struct {
+	*api.API
+
+	UserID          string
+	RoleAssignments models.RoleAssignments
+}
+
+func (params RemoveRoleAssignmentsParams) Validate() error {
+	var merr = multierror.NewPrefixed("invalid user params")
+	if params.API == nil {
+		merr = merr.Append(apierror.ErrMissingAPI)
+	}
+	if params.UserID == "" {
+		merr = merr.Append(errors.New("UserID is not specified and is required for this operation"))
+	}
+	return merr.ErrorOrNil()
+}
+
+func RemoveRoleAssignments(params RemoveRoleAssignmentsParams) (*models.EmptyResponse, error) {
+	if err := params.Validate(); err != nil {
+		return nil, err
+	}
+
+	response, err := params.V1API.UserRoleAssignments.RemoveRoleAssignments(
+		user_role_assignments.NewRemoveRoleAssignmentsParams().
+			WithUserID(params.UserID).
+			WithBody(&params.RoleAssignments),
+		params.AuthWriter,
+	)
+	if err != nil {
+		return nil, apierror.Wrap(err)
+	}
+
+	return &response.Payload, nil
+}

pkg/api/organizationapi/member_role_assignments_remove_test.go

@@ -0,0 +1,100 @@
+// Licensed to Elasticsearch B.V. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. Elasticsearch B.V. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package organizationapi
+
+import (
+	"github.com/elastic/cloud-sdk-go/pkg/api"
+	"github.com/elastic/cloud-sdk-go/pkg/api/mock"
+	"github.com/elastic/cloud-sdk-go/pkg/models"
+	"github.com/elastic/cloud-sdk-go/pkg/util/ec"
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestRemoveRoleAssignments(t *testing.T) {
+	tests := []struct {
+		name   string
+		params RemoveRoleAssignmentsParams
+		want   models.EmptyResponse
+		err    string
+	}{
+		{
+			name: "fails due to parameter validation",
+			err:  "invalid user params: 2 errors occurred:\n\t* UserID is not specified and is required for this operation\n\t* api reference is required for the operation\n\n",
+		},
+		{
+			name: "handles successful response",
+			params: RemoveRoleAssignmentsParams{
+				API: api.NewMock(
+					mock.New200ResponseAssertion(
+						&mock.RequestAssertion{
+							Header: api.DefaultWriteMockHeaders,
+							Method: "DELETE",
+							Host:   api.DefaultMockHost,
+							Path:   "/api/v1/users/testuser/role_assignments",
+							Body:   mock.NewStringBody(`{"deployment":null,"organization":[{"organization_id":"testorg","role_id":"billing-admin"}],"platform":null}` + "\n"),
+						},
+						mock.NewStringBody("{}"),
+					),
+				),
+				UserID: "testuser",
+				RoleAssignments: models.RoleAssignments{
+					Organization: []*models.OrganizationRoleAssignment{
+						{
+							OrganizationID: ec.String("testorg"),
+							RoleID:         ec.String("billing-admin"),
+						},
+					},
+				},
+			},
+			want: map[string]interface{}{},
+		},
+		{
+			name: "handles failure response",
+			params: RemoveRoleAssignmentsParams{
+				API: api.NewMock(
+					mock.NewErrorResponse(404, mock.APIError{
+						Code:    "user.not_found",
+						Message: "user not found",
+					}),
+				),
+				UserID: "testuser",
+				RoleAssignments: models.RoleAssignments{
+					Organization: []*models.OrganizationRoleAssignment{
+						{
+							OrganizationID: ec.String("testorg"),
+							RoleID:         ec.String("billing-admin"),
+						},
+					},
+				},
+			},
+			err: "api error: 1 error occurred:\n\t* user.not_found: user not found\n\n",
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			got, err := RemoveRoleAssignments(test.params)
+			if err != nil && !assert.EqualError(t, err, test.err) {
+				t.Error(err)
+			}
+			if got != nil && !assert.Equal(t, test.want, *got) {
+				t.Error(err)
+			}
+		})
+	}
+}