func (h *PolicyHandler) AddResourceToPolicy(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
h.M.Endpoint = h.Config.Resolve("/policies")
h.M.Client = h.Config.OAuth2Client(cmd)
if len(args) < 2 {
fmt.Print(cmd.UsageString())
return
}
policy, err := h.M.Get(args[0])
pkg.Must(err, "Could not get policy: %s", err)
err = h.M.Delete(args[0])
if h.M.Dry {
fmt.Printf("%s\n", err)
} else {
pkg.Must(err, "Could not prepare policy for update: %s", err)
}
p := policy.(*ladon.DefaultPolicy)
p.Resources = append(p.Resources, args[1:]...)
err = h.M.Create(policy)
if h.M.Dry {
fmt.Printf("%s\n", err)
return
}
pkg.Must(err, "Could not update policy: %s", err)
fmt.Printf("Added resources to policy %s", p.ID)
}
func checkVolumeArgs(cmd *cobra.Command, args []string) {
if len(args) > 0 {
return
}
fmt.Fprintln(os.Stderr, cmd.UsageString())
os.Exit(1)
}
// FlagErrorFunc prints an error messages which matches the format of the
// docker/docker/cli error messages
func FlagErrorFunc(cmd *cobra.Command, err error) error {
if err == nil {
return err
}
usage := ""
if cmd.HasSubCommands() {
usage = "\n\n" + cmd.UsageString()
}
return fmt.Errorf("%s\nSee '%s --help'.%s", err, cmd.CommandPath(), usage)
}
func (h *PolicyHandler) CreatePolicy(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
h.M.Endpoint = h.Config.Resolve("/policies")
h.M.Client = h.Config.OAuth2Client(cmd)
files, _ := cmd.Flags().GetStringSlice("files")
if len(files) > 0 {
for _, path := range files {
reader, err := os.Open(path)
pkg.Must(err, "Could not open file %s: %s", path, err)
var policy ladon.DefaultPolicy
err = json.NewDecoder(reader).Decode(&policy)
pkg.Must(err, "Could not parse JSON: %s", err)
err = h.M.Create(&policy)
pkg.Must(err, "Could not create policy: %s", err)
fmt.Printf("Imported policy %s from %s.\n", policy.ID, path)
}
return
}
id, _ := cmd.Flags().GetString("id")
description, _ := cmd.Flags().GetString("description")
subjects, _ := cmd.Flags().GetStringSlice("subjects")
resources, _ := cmd.Flags().GetStringSlice("resources")
actions, _ := cmd.Flags().GetStringSlice("actions")
isAllow, _ := cmd.Flags().GetBool("allow")
if len(subjects) == 0 || len(resources) == 0 || len(actions) == 0 {
fmt.Println(cmd.UsageString())
fmt.Println("")
fmt.Println("Got empty subject, resource or action list")
}
effect := ladon.DenyAccess
if isAllow {
effect = ladon.AllowAccess
}
policy := &ladon.DefaultPolicy{
ID: id,
Description: description,
Subjects: subjects,
Resources: resources,
Actions: actions,
Effect: effect,
}
err := h.M.Create(policy)
if h.M.Dry {
fmt.Printf("%s\n", err)
return
}
pkg.Must(err, "Could not create policy: %s", err)
fmt.Printf("Created policy %s.\n", policy.ID)
}
// FlagErrorFunc prints an error message which matches the format of the
// docker/docker/cli error messages
func FlagErrorFunc(cmd *cobra.Command, err error) error {
if err == nil {
return err
}
usage := ""
if cmd.HasSubCommands() {
usage = "\n\n" + cmd.UsageString()
}
return StatusError{
Status: fmt.Sprintf("%s\nSee '%s --help'.%s", err, cmd.CommandPath(), usage),
StatusCode: 125,
}
}
func (h *JWKHandler) DeleteKeys(cmd *cobra.Command, args []string) {
h.M.Endpoint = h.Config.Resolve("/keys")
h.M.Client = h.Config.OAuth2Client(cmd)
if len(args) == 0 {
fmt.Println(cmd.UsageString())
return
}
err := h.M.DeleteKeySet(args[0])
if h.M.Dry {
fmt.Printf("%s\n", err)
return
}
pkg.Must(err, "Could not generate keys: %s", err)
fmt.Println("Key set deleted.")
}
// NoArgs validate args and returns an error if there are any args
func NoArgs(cmd *cobra.Command, args []string) error {
if len(args) == 0 {
return nil
}
if cmd.HasSubCommands() {
return fmt.Errorf("\n" + strings.TrimRight(cmd.UsageString(), "\n"))
}
return fmt.Errorf(
"\"%s\" accepts no argument(s).\nSee '%s --help'.\n\nUsage: %s\n\n%s",
cmd.CommandPath(),
cmd.CommandPath(),
cmd.UseLine(),
cmd.Short,
)
}
func genMarkdown(command, parent *cobra.Command, out io.Writer) {
name := command.Name()
if parent != nil {
name = fmt.Sprintf("%s %s", parent.Name(), name)
}
fmt.Fprintf(out, "#### %s\n", name)
desc := command.Long
if len(desc) == 0 {
desc = command.Short
}
fmt.Fprintf(out, "%s\n\n", desc)
usage := command.UsageString()
fmt.Fprintf(out, "Usage:\n```\n%s\n```\n\n", usage[9:len(usage)-1])
for _, c := range command.Commands() {
genMarkdown(c, command, out)
}
}
func (h *ConnectionHandler) DeleteConnection(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
h.M.Client = h.Config.OAuth2Client(cmd)
h.M.Endpoint = h.Config.Resolve("/connections")
if len(args) == 0 {
fmt.Print(cmd.UsageString())
return
}
for _, arg := range args {
err := h.M.Delete(arg)
if h.M.Dry {
fmt.Printf("%s\n", err)
continue
}
pkg.Must(err, "Could not delete connection: %s", err)
fmt.Printf("Connection %s deleted.\n", arg)
}
}
func (h *ClientHandler) DeleteClient(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
h.M.Endpoint = h.Config.Resolve("/clients")
h.M.Client = h.Config.OAuth2Client(cmd)
if len(args) == 0 {
fmt.Print(cmd.UsageString())
return
}
for _, c := range args {
err := h.M.DeleteClient(c)
if h.M.Dry {
fmt.Printf("%s\n", err)
continue
}
pkg.Must(err, "Could not delete client: %s", err)
}
fmt.Println("Client(s) deleted.")
}
func (h *JWKHandler) GetKeys(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
h.M.Endpoint = h.Config.Resolve("/keys")
h.M.Client = h.Config.OAuth2Client(cmd)
if len(args) == 0 {
fmt.Println(cmd.UsageString())
return
}
keys, err := h.M.GetKeySet(args[0])
if h.M.Dry {
fmt.Printf("%s\n", err)
return
}
pkg.Must(err, "Could not generate keys: %s", err)
out, err := json.MarshalIndent(keys, "", "\t")
pkg.Must(err, "Could not marshall keys: %s", err)
fmt.Printf("%s\n", out)
}
func (h *ConnectionHandler) CreateConnection(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
h.M.Client = h.Config.OAuth2Client(cmd)
h.M.Endpoint = h.Config.Resolve("/connections")
if len(args) != 3 {
fmt.Print(cmd.UsageString())
return
}
err := h.M.Create(&connection.Connection{
ID: uuid.New(),
Provider: args[0],
LocalSubject: args[1],
RemoteSubject: args[2],
})
if h.M.Dry {
fmt.Printf("%s\n", err)
return
}
pkg.Must(err, "Could not create connection: %s", err)
}
func (h *PolicyHandler) GetPolicy(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
h.M.Endpoint = h.Config.Resolve("/policies")
h.M.Client = h.Config.OAuth2Client(cmd)
if len(args) == 0 {
fmt.Print(cmd.UsageString())
return
}
policy, err := h.M.Get(args[0])
if h.M.Dry {
fmt.Printf("%s\n", err)
return
}
pkg.Must(err, "Could not delete policy: %s", err)
out, err := json.MarshalIndent(policy, "", "\t")
pkg.Must(err, "Could not retrieve policy: %s", err)
fmt.Printf("%s\n", out)
}
func (h *ClientHandler) ImportClients(cmd *cobra.Command, args []string) {
h.M.Dry = *h.Config.Dry
if len(args) == 0 {
fmt.Print(cmd.UsageString())
return
}
for _, path := range args {
reader, err := os.Open(path)
pkg.Must(err, "Could not open file %s: %s", path, err)
var client fosite.DefaultClient
err = json.NewDecoder(reader).Decode(&client)
pkg.Must(err, "Could not parse JSON: %s", err)
err = h.M.CreateClient(&client)
if h.M.Dry {
fmt.Printf("%s\n", err)
continue
}
pkg.Must(err, "Could not create client: %s", err)
fmt.Printf("Imported client %s from %s.\n", client.ID, path)
}
}