From 7911a54e124db2064b7f451ccfe99773d4a7f6a4 Mon Sep 17 00:00:00 2001
From: Alejandro Baez <develop+code@baez.link>
Date: Fri, 13 Sep 2019 23:20:15 -0400
Subject: [PATCH] initial addition of role acl

---
 consulate/api/acl.py    | 19 ++++++++++++++++++-
 consulate/models/acl.py | 28 ++++++++++++++++++++++++++--
 2 files changed, 44 insertions(+), 3 deletions(-)

diff --git a/consulate/api/acl.py b/consulate/api/acl.py
index 7eff72e..afc0f13 100644
--- a/consulate/api/acl.py
+++ b/consulate/api/acl.py
@@ -23,7 +23,7 @@ def read_self_token(self):
         return self._get(["token", "self"])
 
     def list_policies(self):
-        """ List all policies available in cluster
+        """ List all ACL policies available in cluster
         """
         return self._get(["policies"])
 
@@ -66,6 +66,23 @@ def delete_policy(self, id):
 
         return self._delete(["policy", id])
 
+    def list_roles(self):
+        """ List all ACL roles available in cluster
+        """
+        return self._get(["roles"])
+
+    def create_role(self, name, description=None, policies=None, service_identities=None):
+        """ Create an ACL role from a list of policies and or service service_identities.
+        :param str name: The name of the ACL role. Must be unique alphanumeral and dashes and underscores.
+        :param str description: The description of the ACL role.
+        :param PolicyLinks policies: An array of PolicyLink.
+        :param ServiceIdentities service_identities: An array of ServiceIdentity.
+        """
+        return self._put_response_body(["role"], {}, dict(
+            model.ACLPolicy(name=name, description=description,
+                            policies=policies, service_identities=service_identities)
+        ))
+
     # NOTE: Everything below here is deprecated post consul-1.4.0.
 
     def bootstrap(self):
diff --git a/consulate/models/acl.py b/consulate/models/acl.py
index cd70492..c0f651c 100644
--- a/consulate/models/acl.py
+++ b/consulate/models/acl.py
@@ -6,8 +6,7 @@
 
 
 class ACLPolicy(base.Model):
-    """Defins the model used fur an ACL policy.
-    """
+    """Defines the model used fur an ACL policy."""
     __slots__ = ['datacenters', 'description', 'id', 'name', 'rules']
 
     __attributes__ = {
@@ -36,6 +35,31 @@ class ACLPolicy(base.Model):
     }
 
 
+class ACLRole(base.Model):
+    """Defines the model used fur an ACL role."""
+    __slots__ = ['description', 'name', 'policies', 'service_identities']
+
+    __attributes__ = {
+        'description': {
+            'key': 'Description',
+            'type': str,
+        },
+        'name': {
+            'key': 'Name',
+            'type': str,
+            'required': True,
+        },
+        'policies': {
+            'key': 'Policies',
+            'type': list,
+        },
+        "service_identities": {
+            'key': 'ServiceIdentities',
+            'type': list,
+        }
+    }
+
+
 class ACL(base.Model):
     """Defines the model used for an individual ACL token."""
     __slots__ = ['id', 'name', 'type', 'rules']