Feat: add sftp and ssh user creation and update

README.md

@@ -247,10 +247,14 @@ USAGE
 * [`mw project update [PROJECT-ID]`](#mw-project-update-project-id)
 * [`mw server get [SERVER-ID]`](#mw-server-get-server-id)
 * [`mw server list`](#mw-server-list)
+* [`mw sftp-user create`](#mw-sftp-user-create)
 * [`mw sftp-user delete SFTP-USER-ID`](#mw-sftp-user-delete-sftp-user-id)
 * [`mw sftp-user list`](#mw-sftp-user-list)
+* [`mw sftp-user update SFTP-USER-ID`](#mw-sftp-user-update-sftp-user-id)
+* [`mw ssh-user create`](#mw-ssh-user-create)
 * [`mw ssh-user delete SSH-USER-ID`](#mw-ssh-user-delete-ssh-user-id)
 * [`mw ssh-user list`](#mw-ssh-user-list)
+* [`mw ssh-user update SSH-USER-ID`](#mw-ssh-user-update-ssh-user-id)
 * [`mw update [CHANNEL]`](#mw-update-channel)
 * [`mw user api-token create`](#mw-user-api-token-create)
 * [`mw user api-token get TOKEN-ID`](#mw-user-api-token-get-token-id)
@@ -5262,6 +5266,65 @@ DESCRIPTION
   List servers for an organization or user.
 ```
 
+## `mw sftp-user create`
+
+Create a new SFTP user
+
+```
+USAGE
+  $ mw sftp-user create --description <value> --directories <value>... [-p <value>] [-q] [--expires <value>]
+    [--public-key <value>] [--password <value>] [--access-level read|full]
+
+FLAGS
+  -p, --project-id=<value>      ID or short ID of a project; this flag is optional if a default project is set in the
+                                context
+  -q, --quiet                   suppress process output and only display a machine-readable summary.
+      --access-level=<option>   Set access level permissions for the SFTP user.
+                                <options: read|full>
+      --description=<value>     (required) Set description for SFTP user.
+      --directories=<value>...  (required) Specify directories to restrict this SFTP users access to.
+      --expires=<value>         an interval after which the SFTP User expires (examples: 30m, 30d, 1y).
+      --password=<value>        Password used for authentication
+      --public-key=<value>      Public key used for authentication
+
+FLAG DESCRIPTIONS
+  -p, --project-id=<value>
+
+    ID or short ID of a project; this flag is optional if a default project is set in the context
+
+    May contain a short ID or a full ID of a project; you can also use the "mw context set --project-id=<VALUE>" command
+    to persistently set a default project for all commands that accept this flag.
+
+  -q, --quiet  suppress process output and only display a machine-readable summary.
+
+    This flag controls if you want to see the process output or only a summary. When using mw non-interactively (e.g. in
+    scripts), you can use this flag to easily get the IDs of created resources for further processing.
+
+  --access-level=read|full  Set access level permissions for the SFTP user.
+
+    Must be specified as either read or full. Grant the user either read-only or full file read and write privileges.
+
+  --description=<value>  Set description for SFTP user.
+
+    Set the description for the given SFTP user, which will be displayed in the mStudio as well as with the list
+    command.
+
+  --directories=<value>...  Specify directories to restrict this SFTP users access to.
+
+    Specified as a list of directories, will restrict access for this user to the specified directories.
+
+  --password=<value>  Password used for authentication
+
+    Specify an authentication password. Using a password for authentication prevents this user from also using a public
+    key for authentication.
+
+  --public-key=<value>  Public key used for authentication
+
+    Specifies the public key to use for authentication. The corresponding private key is required locally to connect
+    through this user. Using a public key for authentication prevents this user from also using a password for
+    authentication.
+```
+
 ## `mw sftp-user delete SFTP-USER-ID`
 
 Delete an SFTP user
@@ -5323,6 +5386,119 @@ FLAG DESCRIPTIONS
     to persistently set a default project for all commands that accept this flag.
 ```
 
+## `mw sftp-user update SFTP-USER-ID`
+
+Update an existing SFTP user
+
+```
+USAGE
+  $ mw sftp-user update SFTP-USER-ID [-q] [--expires <value>] [--description <value>] [--public-key <value> |
+    --password <value>] [--access-level read|full] [--directories <value>...] [--enable | --disable]
+
+ARGUMENTS
+  SFTP-USER-ID  The ID of the SFTP user to delete
+
+FLAGS
+  -q, --quiet                   suppress process output and only display a machine-readable summary.
+      --access-level=<option>   Set access level permissions for the SFTP user.
+                                <options: read|full>
+      --description=<value>     Set description for SFTP user.
+      --directories=<value>...  Specify directories to restrict this SFTP users access to.
+      --disable                 Disable the SFTP user.
+      --enable                  Enable the SFTP user.
+      --expires=<value>         an interval after which the SFTP user expires (examples: 30m, 30d, 1y).
+      --password=<value>        Password used for authentication
+      --public-key=<value>      Public key used for authentication
+
+DESCRIPTION
+  Update an existing SFTP user
+
+FLAG DESCRIPTIONS
+  -q, --quiet  suppress process output and only display a machine-readable summary.
+
+    This flag controls if you want to see the process output or only a summary. When using mw non-interactively (e.g. in
+    scripts), you can use this flag to easily get the IDs of created resources for further processing.
+
+  --access-level=read|full  Set access level permissions for the SFTP user.
+
+    Must be specified as either read or full. Grant the user either read-only or full file read and write privileges.
+
+  --description=<value>  Set description for SFTP user.
+
+    Set the description for the given SFTP user, which will be displayed in the mStudio as well as with the list
+    command.
+
+  --directories=<value>...  Specify directories to restrict this SFTP users access to.
+
+    Specified as a list of directories, will restrict access for this user to the specified directories.
+
+  --disable  Disable the SFTP user.
+
+    Set the status of the SFTP user to active. Access by this user will be enabled.
+
+  --enable  Enable the SFTP user.
+
+    Set the status of the SFTP user to inactive. Access by this user will be disabled.
+
+  --password=<value>  Password used for authentication
+
+    Specify an authentication password. Using a password for authentication prevents this user from also using a public
+    key for authentication.
+
+  --public-key=<value>  Public key used for authentication
+
+    Specifies the public key to use for authentication. The corresponding private key is required locally to connect
+    through this user. Using a public key for authentication prevents this user from also using a password for
+    authentication.
+```
+
+## `mw ssh-user create`
+
+Create a new SSH user
+
+```
+USAGE
+  $ mw ssh-user create --description <value> [-p <value>] [-q] [--expires <value>] [--public-key <value>] [--password
+    <value>]
+
+FLAGS
+  -p, --project-id=<value>   ID or short ID of a project; this flag is optional if a default project is set in the
+                             context
+  -q, --quiet                suppress process output and only display a machine-readable summary.
+      --description=<value>  (required) Set description for SSH user.
+      --expires=<value>      an interval after which the SSH user expires (examples: 30m, 30d, 1y).
+      --password=<value>     Password used for authentication
+      --public-key=<value>   Public key used for authentication
+
+FLAG DESCRIPTIONS
+  -p, --project-id=<value>
+
+    ID or short ID of a project; this flag is optional if a default project is set in the context
+
+    May contain a short ID or a full ID of a project; you can also use the "mw context set --project-id=<VALUE>" command
+    to persistently set a default project for all commands that accept this flag.
+
+  -q, --quiet  suppress process output and only display a machine-readable summary.
+
+    This flag controls if you want to see the process output or only a summary. When using mw non-interactively (e.g. in
+    scripts), you can use this flag to easily get the IDs of created resources for further processing.
+
+  --description=<value>  Set description for SSH user.
+
+    Set the description for the given SSH user, which will be displayed in the mStudio as well as with the list command.
+
+  --password=<value>  Password used for authentication
+
+    Specify an authentication password. Using a password for authentication prevents this user from also using a public
+    key for authentication.
+
+  --public-key=<value>  Public key used for authentication
+
+    Specifies the public key to use for authentication. The corresponding private key is required locally to connect
+    through this user. Using a public key for authentication prevents this user from also using a password for
+    authentication.
+```
+
 ## `mw ssh-user delete SSH-USER-ID`
 
 Delete an SSH user
@@ -5384,6 +5560,60 @@ FLAG DESCRIPTIONS
     to persistently set a default project for all commands that accept this flag.
 ```
 
+## `mw ssh-user update SSH-USER-ID`
+
+Update an existing SSH user
+
+```
+USAGE
+  $ mw ssh-user update SSH-USER-ID [-q] [--expires <value>] [--description <value>] [--public-key <value>]
+    [--password <value>] [--enable | --disable]
+
+ARGUMENTS
+  SSH-USER-ID  The ID of the SSH user to update
+
+FLAGS
+  -q, --quiet                suppress process output and only display a machine-readable summary.
+      --description=<value>  Set description for SSH user.
+      --disable              Disable the SSH user.
+      --enable               Enable the SSH user.
+      --expires=<value>      an interval after which the SSH user expires (examples: 30m, 30d, 1y).
+      --password=<value>     Password used for authentication
+      --public-key=<value>   Public key used for authentication
+
+DESCRIPTION
+  Update an existing SSH user
+
+FLAG DESCRIPTIONS
+  -q, --quiet  suppress process output and only display a machine-readable summary.
+
+    This flag controls if you want to see the process output or only a summary. When using mw non-interactively (e.g. in
+    scripts), you can use this flag to easily get the IDs of created resources for further processing.
+
+  --description=<value>  Set description for SSH user.
+
+    Set the description for the given SSH user, which will be displayed in the mStudio as well as with the list command.
+
+  --disable  Disable the SSH user.
+
+    Set the status of the SSH user to active. Access by this user will be enabled.
+
+  --enable  Enable the SSH user.
+
+    Set the status of the SSH user to inactive. Access by this user will be disabled.
+
+  --password=<value>  Password used for authentication
+
+    Specify an authentication password. Using a password for authentication prevents this user from also using a public
+    key for authentication.
+
+  --public-key=<value>  Public key used for authentication
+
+    Specifies the public key to use for authentication. The corresponding private key is required locally to connect
+    through this user. Using a public key for authentication prevents this user from also using a password for
+    authentication.
+```
+
 ## `mw update [CHANNEL]`
 
 update the mw CLI

src/commands/sftp-user/create.tsx

@@ -0,0 +1,119 @@
+import { ExecRenderBaseCommand } from "../../lib/basecommands/ExecRenderBaseCommand.js";
+import {
+  makeProcessRenderer,
+  processFlags,
+} from "../../rendering/process/process_flags.js";
+import { ReactNode } from "react";
+import { assertStatus } from "@mittwald/api-client-commons";
+import { Success } from "../../rendering/react/components/Success.js";
+import { Value } from "../../rendering/react/components/Value.js";
+import { projectFlags } from "../../lib/resources/project/flags.js";
+import { MittwaldAPIV2Client } from "@mittwald/api-client";
+import { expireFlags } from "../../lib/flags/expireFlags.js";
+import { sftpUserFlagDefinitions } from "../../lib/resources/sftp/flags.js";
+
+type Result = {
+  sftpUserId: string;
+};
+
+type SftpUserCreationPayload = Parameters<
+  MittwaldAPIV2Client["sshsftpUser"]["sftpUserCreateSftpUser"]
+>[0]["data"];
+
+export class Create extends ExecRenderBaseCommand<typeof Create, Result> {
+  static summary = "Create a new SFTP user";
+  static flags = {
+    ...projectFlags,
+    ...processFlags,
+    ...expireFlags("SFTP User", false),
+    description: sftpUserFlagDefinitions.description({ required: true }),
+    "public-key": sftpUserFlagDefinitions["public-key"]({
+      exactlyOne: ["public-key", "password"],
+    }),
+    password: sftpUserFlagDefinitions.password({
+      exactlyOne: ["public-key", "password"],
+    }),
+    "access-level": sftpUserFlagDefinitions["access-level"](),
+    directories: sftpUserFlagDefinitions.directories({ required: true }),
+  };
+
+  protected async exec(): Promise<Result> {
+    const process = makeProcessRenderer(this.flags, "Creating a new SFTP User");
+    const projectId = await this.withProjectId(Create);
+    const {
+      description,
+      "public-key": publicKey,
+      password,
+      expires,
+      "access-level": accessLevel,
+      directories,
+    } = this.flags;
+
+    let authentication: SftpUserCreationPayload["authentication"];
+    if (password) {
+      authentication = { password };
+    } else if (publicKey) {
+      authentication = {
+        publicKeys: [{ comment: "Public key set through CLI", key: publicKey }],
+      };
+    } else {
+      throw new Error("The authentication method could not be set correctly.");
+    }
+
+    const sftpUserCreationPayload: SftpUserCreationPayload = {
+      authentication,
+      description,
+      directories: [directories[0], ...directories.slice(1)],
+    };
+
+    if (expires) {
+      sftpUserCreationPayload.expiresAt = expires.toString();
+    }
+    if (accessLevel == "read" || accessLevel == "full") {
+      sftpUserCreationPayload.accessLevel = accessLevel;
+    } else {
+      sftpUserCreationPayload.accessLevel = undefined;
+    }
+
+    const { id: sftpUserId } = await process.runStep(
+      "creating SFTP user",
+      async () => {
+        const r = await this.apiClient.sshsftpUser.sftpUserCreateSftpUser({
+          projectId,
+          data: sftpUserCreationPayload,
+        });
+        assertStatus(r, 201);
+        return r.data;
+      },
+    );
+
+    const sftpUser = await process.runStep(
+      "checking newly created SFTP user",
+      async () => {
+        const r = await this.apiClient.sshsftpUser.sftpUserGetSftpUser({
+          sftpUserId,
+        });
+        assertStatus(r, 200);
+        return r.data;
+      },
+    );
+
+    await process.complete(
+      <Success>
+        The SFTP user "
+        <Value>
+          {sftpUser.userName} ({sftpUser.description})
+        </Value>
+        " was successfully created.
+      </Success>,
+    );
+
+    return { sftpUserId };
+  }
+
+  protected render({ sftpUserId }: Result): ReactNode {
+    if (this.flags.quiet) {
+      return sftpUserId;
+    }
+  }
+}