func (cmd *set) Run(ctx context.Context, f *flag.FlagSet) error {
c, err := cmd.Client()
if err != nil {
return err
}
refs, err := cmd.ManagedObjects(ctx, f.Args())
if err != nil {
return err
}
m := object.NewAuthorizationManager(c)
rl, err := m.RoleList(ctx)
if err != nil {
return err
}
role := rl.ByName(cmd.role)
if role == nil {
return fmt.Errorf("role '%s' not found", cmd.role)
}
cmd.Permission.RoleId = role.RoleId
perms := []types.Permission{cmd.Permission}
for _, ref := range refs {
err = m.SetEntityPermissions(ctx, ref, perms)
if err != nil {
return err
}
}
return nil
}
func (cmd *ls) Run(ctx context.Context, f *flag.FlagSet) error {
c, err := cmd.Client()
if err != nil {
return err
}
refs, err := cmd.ManagedObjects(ctx, f.Args())
if err != nil {
return err
}
m := object.NewAuthorizationManager(c)
rl, err := m.RoleList(ctx)
if err != nil {
return err
}
tw := tabwriter.NewWriter(os.Stdout, 2, 0, 2, ' ', 0)
for _, ref := range refs {
perms, err := m.RetrieveEntityPermissions(ctx, ref, true)
if err != nil {
return err
}
for _, perm := range perms {
fmt.Fprintf(tw, "%s\t%s\n", perm.Principal, rl.ById(perm.RoleId).Name)
}
}
return tw.Flush()
}
func (f *PermissionFlag) Manager(ctx context.Context) (*object.AuthorizationManager, error) {
if f.m != nil {
return f.m, nil
}
c, err := f.Client()
if err != nil {
return nil, err
}
f.m = object.NewAuthorizationManager(c)
f.Roles, err = f.m.RoleList(ctx)
return f.m, err
}
func (cmd *remove) Run(ctx context.Context, f *flag.FlagSet) error {
c, err := cmd.Client()
if err != nil {
return err
}
refs, err := cmd.ManagedObjects(ctx, f.Args())
if err != nil {
return err
}
m := object.NewAuthorizationManager(c)
for _, ref := range refs {
err = m.RemoveEntityPermission(ctx, ref, cmd.Principal, cmd.Group)
if err != nil {
return err
}
}
return nil
}
