IO Ready and new IAM Endpoints (#864)

jriddle-linode · web-flow · commit 1d31b10d454a · 2025-12-15T16:18:20.000-05:00
## 📝 Description

Adds `io_ready` field to Volumes and 2 new endpoints for IAM

## ✔️ How to Test

```
make test-unit
```
diff --git a/entities.go b/entities.go
@@ -2,12 +2,25 @@ package linodego
 
 import "context"
 
+// LinodeEntity is anything in Linode with IAM Permissions
 type LinodeEntity struct {
 	ID    int    `json:"id"`
 	Label string `json:"label"`
 	Type  string `json:"type"`
 }
 
+// ListEntities returns a paginated list of all entities
 func (c *Client) ListEntities(ctx context.Context, opts *ListOptions) ([]LinodeEntity, error) {
 	return getPaginatedResults[LinodeEntity](ctx, c, "entities", opts)
 }
+
+// GetEntityRoles returns a list of roles for the entity and user
+func (c *Client) GetEntityRoles(ctx context.Context, username string, entityType string, entityID int) ([]string, error) {
+	perms, err := doGETRequest[[]string](ctx, c,
+		formatAPIPath("iam/users/%s/permissions/%s/%d", username, entityType, entityID))
+	if err != nil || perms == nil {
+		return nil, err
+	}
+
+	return (*perms), err
+}
diff --git a/iam.go b/iam.go
@@ -2,58 +2,79 @@ package linodego
 
 import "context"
 
+// UserRolePermissions are the account and entity permissions for the User
 type UserRolePermissions struct {
 	AccountAccess []string     `json:"account_access"`
 	EntityAccess  []UserAccess `json:"entity_access"`
 }
 
+// GetUpdateOptions converts UserRolePermissions for use in UpdateUserRolePermissions
 func (p *UserRolePermissions) GetUpdateOptions() UserRolePermissionsUpdateOptions {
 	return UserRolePermissionsUpdateOptions{
 		AccountAccess: p.AccountAccess,
 		EntityAccess:  p.EntityAccess,
 	}
 }
 
+// UserRolePermissionsUpdateOptions are fields accepted by UpdateUserRolePermissions
 type UserRolePermissionsUpdateOptions struct {
 	AccountAccess []string     `json:"account_access"`
 	EntityAccess  []UserAccess `json:"entity_access"`
 }
 
+// UserAccess is the breakdown of entities Roles
 type UserAccess struct {
 	ID    int      `json:"id"`
 	Type  string   `json:"type"`
 	Roles []string `json:"roles"`
 }
 
+// AccountRolePermissions are the account and entity roles for the Account
 type AccountRolePermissions struct {
 	AccountAccess []AccountAccess `json:"account_access"`
 	EntityAccess  []AccountAccess `json:"entity_access"`
 }
 
+// AccountAccess is the Roles for each Type for the Account
 type AccountAccess struct {
 	Type  string `json:"type"`
 	Roles []Role `json:"roles"`
 }
 
+// Role is the IAM Role and its Permissions
 type Role struct {
 	Name        string   `json:"name"`
 	Description string   `json:"description"`
 	Permissions []string `json:"permissions"`
 }
 
+// GetUserRolePermissions returns any role permissions for username
 func (c *Client) GetUserRolePermissions(ctx context.Context, username string) (*UserRolePermissions, error) {
 	return doGETRequest[UserRolePermissions](ctx, c,
 		formatAPIPath("iam/users/%s/role-permissions", username),
 	)
 }
 
+// UpdateUserRolePermissions updates any role permissions for username
 func (c *Client) UpdateUserRolePermissions(ctx context.Context, username string, opts UserRolePermissionsUpdateOptions) (*UserRolePermissions, error) {
 	return doPUTRequest[UserRolePermissions](ctx, c,
 		formatAPIPath("iam/users/%s/role-permissions", username),
 		opts,
 	)
 }
 
+// GetAccountRolePermissions returns the role permissions for this Account
 func (c *Client) GetAccountRolePermissions(ctx context.Context) (*AccountRolePermissions, error) {
 	return doGETRequest[AccountRolePermissions](ctx, c, "iam/role-permissions")
 }
+
+// GetUserAccountPermissions returns the account permissions for username
+func (c *Client) GetUserAccountPermissions(ctx context.Context, username string) ([]string, error) {
+	perms, err := doGETRequest[[]string](ctx, c,
+		formatAPIPath("iam/users/%s/permissions/account", username))
+	if err != nil || perms == nil {
+		return nil, err
+	}
+
+	return (*perms), err
+}
diff --git a/test/unit/entities_test.go b/test/unit/entities_test.go
@@ -23,3 +23,19 @@ func TestEntities_List(t *testing.T) {
 
 	assert.Equal(t, 7, entities[0].ID)
 }
+
+func TestEntitiesPermissions_Get(t *testing.T) {
+	fixtureData, err := fixtures.GetFixture("entities_permissions")
+	assert.NoError(t, err)
+
+	var base ClientBaseCase
+	base.SetUp(t)
+	defer base.TearDown(t)
+
+	base.MockGet(formatMockAPIPath("iam/users/Linode/permissions/linode/123"), fixtureData)
+
+	perms, err := base.Client.GetEntityRoles(context.Background(), "Linode", "linode", 123)
+	assert.NoError(t, err)
+
+	assert.Equal(t, "rebuild_linode", perms[1])
+}
diff --git a/test/unit/fixtures/entities_permissions.json b/test/unit/fixtures/entities_permissions.json
@@ -0,0 +1,5 @@
+[
+    "generate_linode_lish_token_remote",
+    "rebuild_linode",
+    "shutdown_linode"
+]
diff --git a/test/unit/fixtures/iam_user_account_permissions_get.json b/test/unit/fixtures/iam_user_account_permissions_get.json
@@ -0,0 +1,5 @@
+[
+    "list_events",
+    "view_account_settings",
+    "cancel_account"
+]
diff --git a/test/unit/fixtures/volume_get.json b/test/unit/fixtures/volume_get.json
@@ -10,7 +10,8 @@
     "hardware_type": "",
     "linode_label": "",
     "encryption": "",
+    "io_ready": true,
     "created": "2025-01-01T12:00:00",
     "updated": "2025-01-10T12:00:00"
 }
-  
+
diff --git a/test/unit/iam_test.go b/test/unit/iam_test.go
@@ -61,3 +61,19 @@ func TestIAMUserRolePermissions_Update(t *testing.T) {
 	assert.Equal(t, 1, after.EntityAccess[0].ID)
 	assert.NotEqual(t, before.AccountAccess, after.AccountAccess)
 }
+
+func TestIAMUserAccountPermissions_Get(t *testing.T) {
+	fixtureData, err := fixtures.GetFixture("iam_user_account_permissions_get")
+	assert.NoError(t, err)
+
+	var base ClientBaseCase
+	base.SetUp(t)
+	defer base.TearDown(t)
+
+	base.MockGet(formatMockAPIPath("iam/users/Linode/permissions/account"), fixtureData)
+
+	perms, err := base.Client.GetUserAccountPermissions(context.Background(), "Linode")
+	assert.NoError(t, err)
+
+	assert.Equal(t, "list_events", perms[0])
+}
diff --git a/test/unit/volume_test.go b/test/unit/volume_test.go
@@ -58,6 +58,7 @@ func TestGetVolume(t *testing.T) {
 	assert.Contains(t, volume.Tags, "test", "Expected tags to include 'test'")
 	assert.Empty(t, volume.HardwareType, "Expected hardware type to be empty")
 	assert.Empty(t, volume.LinodeLabel, "Expected Linode label to be empty")
+	assert.Equal(t, true, volume.IOReady, "Expected IO Ready true")
 }
 
 func TestCreateVolume(t *testing.T) {
diff --git a/volumes.go b/volumes.go
@@ -37,6 +37,7 @@ type Volume struct {
 	Tags           []string     `json:"tags"`
 	HardwareType   string       `json:"hardware_type"`
 	LinodeLabel    string       `json:"linode_label"`
+	IOReady        bool         `json:"io_ready"`
 	Created        *time.Time   `json:"-"`
 	Updated        *time.Time   `json:"-"`
 

Original file line number	Diff line number	Diff line change
`@@ -2,58 +2,79 @@ package linodego`
`2`	`2`
`3`	`3`	`import "context"`
`4`	`4`
	`5`	`+// UserRolePermissions are the account and entity permissions for the User`
`5`	`6`	`type UserRolePermissions struct {`
`6`	`7`	AccountAccess []string `json:"account_access"`
`7`	`8`	EntityAccess []UserAccess `json:"entity_access"`
`8`	`9`	`}`
`9`	`10`
	`11`	`+// GetUpdateOptions converts UserRolePermissions for use in UpdateUserRolePermissions`
`10`	`12`	`func (p *UserRolePermissions) GetUpdateOptions() UserRolePermissionsUpdateOptions {`
`11`	`13`	`return UserRolePermissionsUpdateOptions{`
`12`	`14`	`AccountAccess: p.AccountAccess,`
`13`	`15`	`EntityAccess: p.EntityAccess,`
`14`	`16`	`}`
`15`	`17`	`}`
`16`	`18`
	`19`	`+// UserRolePermissionsUpdateOptions are fields accepted by UpdateUserRolePermissions`
`17`	`20`	`type UserRolePermissionsUpdateOptions struct {`
`18`	`21`	AccountAccess []string `json:"account_access"`
`19`	`22`	EntityAccess []UserAccess `json:"entity_access"`
`20`	`23`	`}`
`21`	`24`
	`25`	`+// UserAccess is the breakdown of entities Roles`
`22`	`26`	`type UserAccess struct {`
`23`	`27`	ID int `json:"id"`
`24`	`28`	Type string `json:"type"`
`25`	`29`	Roles []string `json:"roles"`
`26`	`30`	`}`
`27`	`31`
	`32`	`+// AccountRolePermissions are the account and entity roles for the Account`
`28`	`33`	`type AccountRolePermissions struct {`
`29`	`34`	AccountAccess []AccountAccess `json:"account_access"`
`30`	`35`	EntityAccess []AccountAccess `json:"entity_access"`
`31`	`36`	`}`
`32`	`37`
	`38`	`+// AccountAccess is the Roles for each Type for the Account`
`33`	`39`	`type AccountAccess struct {`
`34`	`40`	Type string `json:"type"`
`35`	`41`	Roles []Role `json:"roles"`
`36`	`42`	`}`
`37`	`43`
	`44`	`+// Role is the IAM Role and its Permissions`
`38`	`45`	`type Role struct {`
`39`	`46`	Name string `json:"name"`
`40`	`47`	Description string `json:"description"`
`41`	`48`	Permissions []string `json:"permissions"`
`42`	`49`	`}`
`43`	`50`
	`51`	`+// GetUserRolePermissions returns any role permissions for username`
`44`	`52`	`func (c Client) GetUserRolePermissions(ctx context.Context, username string) (UserRolePermissions, error) {`
`45`	`53`	`return doGETRequest[UserRolePermissions](ctx, c,`
`46`	`54`	`formatAPIPath("iam/users/%s/role-permissions", username),`
`47`	`55`	`)`
`48`	`56`	`}`
`49`	`57`
	`58`	`+// UpdateUserRolePermissions updates any role permissions for username`
`50`	`59`	`func (c Client) UpdateUserRolePermissions(ctx context.Context, username string, opts UserRolePermissionsUpdateOptions) (UserRolePermissions, error) {`
`51`	`60`	`return doPUTRequest[UserRolePermissions](ctx, c,`
`52`	`61`	`formatAPIPath("iam/users/%s/role-permissions", username),`
`53`	`62`	`opts,`
`54`	`63`	`)`
`55`	`64`	`}`
`56`	`65`
	`66`	`+// GetAccountRolePermissions returns the role permissions for this Account`
`57`	`67`	`func (c Client) GetAccountRolePermissions(ctx context.Context) (AccountRolePermissions, error) {`
`58`	`68`	`return doGETRequest[AccountRolePermissions](ctx, c, "iam/role-permissions")`
`59`	`69`	`}`
	`70`	`+`
	`71`	`+// GetUserAccountPermissions returns the account permissions for username`
	`72`	`+func (c *Client) GetUserAccountPermissions(ctx context.Context, username string) ([]string, error) {`
	`73`	`+ perms, err := doGETRequest[[]string](ctx, c,`
	`74`	`+ formatAPIPath("iam/users/%s/permissions/account", username))`
	`75`	`+ if err != nil \|\| perms == nil {`
	`76`	`+ return nil, err`
	`77`	`+ }`
	`78`	`+`
	`79`	`+ return (*perms), err`
	`80`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -58,6 +58,7 @@ func TestGetVolume(t *testing.T) {`
`58`	`58`	`assert.Contains(t, volume.Tags, "test", "Expected tags to include 'test'")`
`59`	`59`	`assert.Empty(t, volume.HardwareType, "Expected hardware type to be empty")`
`60`	`60`	`assert.Empty(t, volume.LinodeLabel, "Expected Linode label to be empty")`
	`61`	`+ assert.Equal(t, true, volume.IOReady, "Expected IO Ready true")`
`61`	`62`	`}`
`62`	`63`
`63`	`64`	`func TestCreateVolume(t *testing.T) {`