-
Notifications
You must be signed in to change notification settings - Fork 167
/
admin-clean-acls.go
105 lines (88 loc) · 3.41 KB
/
admin-clean-acls.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
/*
* Copyright (c) 2019-2021. Abstrium SAS <team (at) pydio.com>
* This file is part of Pydio Cells.
*
* Pydio Cells is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Pydio Cells is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Pydio Cells. If not, see <http://www.gnu.org/licenses/>.
*
* The latest code can be found at <https://pydio.com>.
*/
package cmd
import (
"fmt"
"github.com/pydio/cells/v4/common/proto/idm"
"os"
"strconv"
"time"
"github.com/pydio/cells/v4/common/client/grpc"
"github.com/spf13/cobra"
"github.com/pydio/cells/v4/common"
)
var (
cleanAclAfter string
cleanAclBefore string
)
var dataCleanACLsCmd = &cobra.Command{
Use: "acls",
Short: "Clean Expired ACLs",
Long: `
DESCRIPTION
When deleted after a node deletion, ACLs are not really deleted but only expired, to be able to restore them
if necessary. This can lead to keep unused data, and particularly shared links information that may prevent users to
re-use an existing custom link value. Use this command to definitely delete expired ACLs based on a period.
Parameters accept either timestamps or durations. In the later case, corresponding time is computed using "Now - Duration".
EXAMPLES
Clean all ACLs expired before last 24h
$ ` + os.Args[0] + ` clean admin acls --before 24h
`,
Run: func(cmd *cobra.Command, args []string) {
if cleanAclAfter == "" && cleanAclBefore == "" {
cmd.Println("Please provide at least one of --after | --before")
cmd.Help()
return
}
req := &idm.DeleteACLRequest{}
if ea, err := strconv.ParseInt(cleanAclAfter, 10, 64); err == nil && ea > 0 {
req.ExpiredAfter = ea
} else if d, er := time.ParseDuration(cleanAclAfter); er == nil {
req.ExpiredAfter = time.Now().Add(-d).Unix()
}
if eb, err := strconv.ParseInt(cleanAclBefore, 10, 64); err == nil && eb > 0 {
req.ExpiredBefore = eb
} else if d, er := time.ParseDuration(cleanAclBefore); er == nil {
req.ExpiredBefore = time.Now().Add(-d).Unix()
}
if req.ExpiredAfter == 0 && req.ExpiredBefore == 0 {
cmd.Println("[ERROR] please provide at least one valid parameter")
cmd.Help()
return
}
aclClient := idm.NewACLServiceClient(grpc.GetClientConnFromCtx(ctx, common.ServiceAcl))
resp, e := aclClient.DeleteACL(ctx, req)
if e != nil {
cmd.Println("[ERROR] " + e.Error())
cmd.Help()
return
}
if resp.GetRowsDeleted() > 0 {
cmd.Println(fmt.Sprintf("Definitely deleted %d ACLs (period %v-%v)", resp.GetRowsDeleted(), time.Unix(req.ExpiredAfter, 0), time.Unix(req.ExpiredBefore, 0)))
} else {
cmd.Println(fmt.Sprintf("Nothing to delete for period %v-%v", time.Unix(req.ExpiredAfter, 0), time.Unix(req.ExpiredBefore, 0)))
}
},
}
func init() {
dataCleanACLsCmd.PersistentFlags().StringVarP(&cleanAclAfter, "after", "a", "", "Expiration date is greater than...")
dataCleanACLsCmd.PersistentFlags().StringVarP(&cleanAclBefore, "before", "b", "240h", "Expiration date is lower than...")
CleanCmd.AddCommand(dataCleanACLsCmd)
}