upc/policy.go

package main

import (
	"bytes"
	"encoding/json"
	"flag"
	"fmt"
	"net/http"
	"os"
)

var policyCmd *flag.FlagSet

var policyCommands = []Command{
	{
		Names:       []string{"create-policy"},
		Description: "Create Policy",
		Handler:     policyCreate,
	},
	{
		Names:       []string{"list-policies"},
		Description: "List Policies",
		Handler:     policyCreate,
	},
}

// Condition represents each item in the "conditions" array
type Condition struct {
	StatementID string   `json:"statementid"`
	Principal   []string `json:"principals"`
	Actions     []string `json:"actions"`
	Source      []string `json:"source"`
	Effect      string   `json:"effect"`
	Operator    string   `json:"operator"`
}

type Policy struct {
	Name        string      `json:"name"`
	Description string      `json:"description"`
	Conditions  []Condition `json:"conditions"`
}

type CreatePolicyRequest struct {
	Name           string `json:"name"`
	Description    string `json:"description"`
	PolicyDocument Policy `json:"PolicyDocument"`
}

type CreatePolicyResponse struct {
	PolicyID string `json:"policy_id"`
}

type ProfileToken struct {
	Token string `json:"token"`
}

type IdentityToken struct {
	Token string `json:"token"`
}

func policyCreate(args []string) {
	policyCmd := flag.NewFlagSet("create-policy", flag.ExitOnError)

	var policyname string
	var useprofile string
	var policyjson string
	var policyfile string
	var policyDescription string
	var createpolicyrequest CreatePolicyRequest

	var normalizedDocument string

	policyCmd.StringVar(&policyname, "name", "", "Policy Name (required)")
	policyCmd.StringVar(&policyDescription, "description", "", "Policy Description")
	policyCmd.StringVar(&useprofile, "profile", "", "Profile")
	policyCmd.StringVar(&policyjson, "policy-json", "", "Policy JSON")
	policyCmd.StringVar(&policyfile, "policy-file", "", "JSON Policy File")

	policyCmd.Parse(args)

	if policyname == "" {
		fmt.Println("Error: either -n or --name is required")
		os.Exit(1)
	}

	if useprofile == "" {
		fmt.Println("Error: either -profile or --profile is required")
		os.Exit(1)
	}

	if policyjson == "" && policyfile == "" {
		fmt.Println("Error: either -p/--policy-json or -f/--policy-file is required")
		os.Exit(1)
	}

	if policyjson != "" && policyfile != "" {
		fmt.Println("Error: only one of -p/--policy-json or -f/--policy-file can be provided")
		os.Exit(1)
	}

	// Open Profile file
	home, err := os.UserHomeDir()
	if err != nil {
		panic(err)
	}
	profileData, err := os.ReadFile(home + "/.pcloud/profiles/" + useprofile + ".json")
	if err != nil {
		fmt.Printf("Error opening profile file: %v\n", err)
		os.Exit(1)
	}

	fmt.Println("Length is", len(profileData))

	if len(profileData) == 0 {
		fmt.Printf("Profile file is empty: %s\n", home+"/.pcloud/profiles/"+useprofile+".json")
		os.Exit(1)
	}

	var profileToken ProfileToken
	err = json.Unmarshal(profileData, &profileToken)
	if err != nil {
		fmt.Printf("Error reading profile file: %v\n", err)
		os.Exit(1)
	}

	fmt.Println("Profile Token: ", profileToken.Token)

	if policyfile != "" {
		content, err := os.ReadFile(policyfile)
		if err != nil {
			fmt.Printf("Error reading policy file: %v\n", err)
			os.Exit(1)
		}
		normalizedDocument = string(content)
	} else if policyjson != "" {
		normalizedDocument = policyjson
	}

	// Validate JSON
	if !json.Valid([]byte(normalizedDocument)) {
		fmt.Println("Error: invalid JSON for policy document")
		os.Exit(1)
	}

	createpolicyrequest.Name = policyname

	err = json.Unmarshal([]byte(normalizedDocument), &createpolicyrequest.PolicyDocument)
	if err != nil {
		fmt.Printf("Error reading policy document: %v\n", err)
		os.Exit(1)
	}

	policyrequestData, err := json.Marshal(createpolicyrequest)
	if err != nil {
		fmt.Printf("Error encoding policy request: %v\n", err)
		os.Exit(1)
	}

	fmt.Println("Policy Name:", createpolicyrequest.Name)
	fmt.Println("Policy JSON:", createpolicyrequest.PolicyDocument)

	apiendpoint := endpoint + "/policy/create-policy"
	fmt.Println(apiendpoint)

	req, err := http.NewRequest("POST", apiendpoint, bytes.NewBuffer(policyrequestData))
	if err != nil {
		panic(err)
	}

	req.Header.Set("Content-Type", "application/json")
	req.Header.Set("Authorization", "Bearer "+profileToken.Token)
	fmt.Println("Using token:", profileToken.Token)

	client := &http.Client{}
	resp, err := client.Do(req)
	if err != nil {
		panic(err)
	}

	defer resp.Body.Close()

	fmt.Println("Response status:", resp.Status, resp.Body)

}

func policyList(args []string) {
}

func policyMain(args []string) {
	fmt.Println("Policy Main")
	if len(args) < 1 {
		fmt.Println("Error: subcommand is required")
		os.Exit(1)
	}
	subcommand := args[0]

	cmd := findCommand(subcommand, policyCommands)
	if cmd == nil {
		fmt.Println("Error: unknown command:", subcommand)
		os.Exit(1)
	}
	cmd.Handler(args[1:])

}