/
rules.go
152 lines (130 loc) · 3.85 KB
/
rules.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
package cli
import (
"fmt"
"os"
"sort"
"strings"
"text/tabwriter"
"github.com/micro/micro/v3/client/cli/namespace"
"github.com/micro/micro/v3/client/cli/util"
pb "github.com/micro/micro/v3/proto/auth"
"github.com/micro/micro/v3/service/client"
"github.com/micro/micro/v3/service/context"
"github.com/micro/micro/v3/service/errors"
"github.com/urfave/cli/v2"
)
func listRules(ctx *cli.Context) error {
cli := pb.NewRulesService("auth", client.DefaultClient)
env, err := util.GetEnv(ctx)
if err != nil {
return err
}
ns, err := namespace.Get(env.Name)
if err != nil {
return fmt.Errorf("Error getting namespace: %v", err)
}
rsp, err := cli.List(context.DefaultContext, &pb.ListRequest{
Options: &pb.Options{Namespace: ns},
}, client.WithAuthToken())
if err != nil {
return fmt.Errorf("Error listing rules: %v", err)
}
w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0)
defer w.Flush()
formatResource := func(r *pb.Resource) string {
return strings.Join([]string{r.Type, r.Name, r.Endpoint}, ":")
}
// sort rules using resource name and priority to keep the list consistent
sort.Slice(rsp.Rules, func(i, j int) bool {
resI := formatResource(rsp.Rules[i].Resource) + string(rsp.Rules[i].Priority)
resJ := formatResource(rsp.Rules[j].Resource) + string(rsp.Rules[j].Priority)
return sort.StringsAreSorted([]string{resJ, resI})
})
fmt.Fprintln(w, strings.Join([]string{"ID", "Scope", "Access", "Resource", "Priority"}, "\t\t"))
for _, r := range rsp.Rules {
res := formatResource(r.Resource)
if r.Scope == "" {
r.Scope = "<public>"
}
fmt.Fprintln(w, strings.Join([]string{r.Id, r.Scope, r.Access.String(), res, fmt.Sprintf("%d", r.Priority)}, "\t\t"))
}
return nil
}
func createRule(ctx *cli.Context) error {
env, err := util.GetEnv(ctx)
if err != nil {
return err
}
ns, err := namespace.Get(env.Name)
if err != nil {
return fmt.Errorf("Error getting namespace: %v", err)
}
rule, err := constructRule(ctx)
if err != nil {
return err
}
cli := pb.NewRulesService("auth", client.DefaultClient)
_, err = cli.Create(context.DefaultContext, &pb.CreateRequest{
Rule: rule, Options: &pb.Options{Namespace: ns},
}, client.WithAuthToken())
if verr := errors.FromError(err); verr != nil {
return fmt.Errorf("Error: %v", verr.Detail)
} else if err != nil {
return err
}
fmt.Println("Rule created")
return nil
}
func deleteRule(ctx *cli.Context) error {
if ctx.Args().Len() != 1 {
return fmt.Errorf("Expected one argument: ID")
}
env, err := util.GetEnv(ctx)
if err != nil {
return err
}
ns, err := namespace.Get(env.Name)
if err != nil {
return fmt.Errorf("Error getting namespace: %v", err)
}
cli := pb.NewRulesService("auth", client.DefaultClient)
_, err = cli.Delete(context.DefaultContext, &pb.DeleteRequest{
Id: ctx.Args().First(), Options: &pb.Options{Namespace: ns},
}, client.WithAuthToken())
if verr := errors.FromError(err); err != nil {
return fmt.Errorf("Error: %v", verr.Detail)
} else if err != nil {
return err
}
fmt.Println("Rule deleted")
return nil
}
func constructRule(ctx *cli.Context) (*pb.Rule, error) {
if ctx.Args().Len() != 1 {
return nil, fmt.Errorf("Too many arguments, expected one argument: ID")
}
var access pb.Access
switch ctx.String("access") {
case "granted":
access = pb.Access_GRANTED
case "denied":
access = pb.Access_DENIED
default:
return nil, fmt.Errorf("Invalid access: %v, must be granted or denied", ctx.String("access"))
}
resComps := strings.Split(ctx.String("resource"), ":")
if len(resComps) != 3 {
return nil, fmt.Errorf("Invalid resource, must be in the format type:name:endpoint")
}
return &pb.Rule{
Id: ctx.Args().First(),
Access: access,
Scope: ctx.String("scope"),
Priority: int32(ctx.Int("priority")),
Resource: &pb.Resource{
Type: resComps[0],
Name: resComps[1],
Endpoint: resComps[2],
},
}, nil
}