aspera-cli 4.17.0 → 4.18.1

data/lib/aspera/cli/plugins/faspex5.rb

@@ -4,13 +4,13 @@
 
 require 'aspera/cli/basic_auth_plugin'
 require 'aspera/cli/extended_value'
+require 'aspera/cli/special_values'
 require 'aspera/persistency_action_once'
 require 'aspera/id_generator'
 require 'aspera/nagios'
 require 'aspera/environment'
 require 'aspera/assert'
 require 'securerandom'
-require 'tty-spinner'
 
 module Aspera
   module Cli
@@ -24,8 +24,8 @@ module Aspera
         # Faspex API v5: get transfer spec for connect
         TRANSFER_CONNECT = 'connect'
         ADMIN_RESOURCES = %i[
-          accounts contacts jobs workgroups shared_inboxes nodes oauth_clients registrations saml_configs
-          metadata_profiles email_notifications alternate_addresses
+          accounts distribution_lists contacts jobs workgroups shared_inboxes nodes oauth_clients registrations saml_configs
+          metadata_profiles email_notifications alternate_addresses webhooks
         ].freeze
         # states for jobs not in final state
         JOB_RUNNING = %w[queued working].freeze
@@ -58,7 +58,7 @@ module Aspera
               path_api_detect = "#{PATH_API_V5}/#{PATH_HEALTH}"
               result = api.read(path_api_detect)
               next unless result[:http].code.start_with?('2') && result[:http].body.strip.empty?
-              # end is at -1, and substract 1 for "/"
+              # end is at -1, and subtract 1 for "/"
               url_length = -2 - path_api_detect.length
               # take redirect if any
               return {
@@ -82,7 +82,7 @@ module Aspera
             if options.get_option(:client_id).nil? || options.get_option(:client_secret).nil?
               formatter.display_status('Ask the ascli client id and secret to your Administrator.'.red)
               formatter.display_status("Admin should login to: #{instance_url}")
-              OpenApplication.instance.uri(instance_url)
+              Environment.instance.open_uri(instance_url)
               formatter.display_status('Navigate to: 𓃑  → Admin → Configurations → API clients')
               formatter.display_status('Create an API client with:')
               formatter.display_status('- name: ascli')
@@ -119,7 +119,7 @@ module Aspera
           options.declare(:auth, 'OAuth type of authentication', values: STD_AUTH_TYPES, default: :jwt)
           options.declare(:private_key, 'OAuth JWT RSA private key PEM value (prefix file path with @file:)')
           options.declare(:passphrase, 'OAuth JWT RSA private key passphrase')
-          options.declare(:box, "Package inbox, either shared inbox name or one of: #{API_LIST_MAILBOX_TYPES.join(', ')} or #{ExtendedValue::ALL}", default: 'inbox')
+          options.declare(:box, "Package inbox, either shared inbox name or one of: #{API_LIST_MAILBOX_TYPES.join(', ')} or #{SpecialValues::ALL}", default: 'inbox')
           options.declare(:shared_folder, 'Send package with files from shared folder')
           options.declare(:group_type, 'Type of shared box', values: %i[shared_inboxes workgroups], default: :shared_inboxes)
           options.parse_options!
@@ -237,31 +237,27 @@ module Aspera
         end
 
         def wait_for_job(job_id)
-          spinner = nil
           loop do
             status = @api_v5.read("jobs/#{job_id}", {type: :formatted})[:data]
             return status unless JOB_RUNNING.include?(status['status'])
-            if spinner.nil?
-              spinner = TTY::Spinner.new('[:spinner] :title', format: :classic)
-              spinner.start
-            end
-            spinner.update(title: status['status'])
-            spinner.spin
+            formatter.long_operation_running(status['status'])
             sleep(0.5)
           end
           Aspera.error_unreachable_line
         end
 
-        # Get a (full or partial) list of all entities of a given type
+        # Get a (full or partial) list of all entities of a given type with query: offset/limit
         # @param type [String] the type of entity to list (just a name)
         # @param query [Hash,nil] additional query parameters
         # @param real_path [String] real path if it's n ot just the type
         # @param item_list_key [String] key in the result to get the list of items
-        def list_entities(type:, real_path: nil, query: {}, item_list_key: nil)
+        def list_entities(type:, real_path: nil, item_list_key: nil, query: {})
+          Log.log.trace1{"list_entities t=#{type} p=#{real_path} k=#{item_list_key} q=#{query}"}
           type = type.to_s if type.is_a?(Symbol)
           Aspera.assert_type(type, String)
+          Aspera.assert_type(query, Hash)
           item_list_key = type if item_list_key.nil?
-          full_path = real_path.nil? ? type : real_path
+          real_path = type if real_path.nil?
           result = []
           offset = 0
           max_items = query.delete(MAX_ITEMS)
@@ -270,7 +266,8 @@ module Aspera
           query = {'limit'=> PER_PAGE_DEFAULT}.merge(query)
           loop do
             query['offset'] = offset
-            page_result = @api_v5.read(full_path, query)[:data]
+            page_result = @api_v5.read(real_path, query)[:data]
+            Aspera.assert_type(page_result[item_list_key], Array)
             result.concat(page_result[item_list_key])
             # reach the limit set by user ?
             if !max_items.nil? && (result.length >= max_items)
@@ -281,12 +278,19 @@ module Aspera
             remain_pages -= 1 unless remain_pages.nil?
             break if remain_pages == 0
             offset += page_result[item_list_key].length
+            formatter.long_operation_running
           end
           return result
         end
 
         # lookup an entity id from its name
-        def lookup_entity_by_field(type:, value:, field: 'name', query: :default, real_path: nil, item_list_key: nil)
+        # @param type [String] the type of entity to lookup, by default it is the path, and it is also the field name in result
+        # @param value [String] the value to lookup
+        # @param field [String] the field to match, by default it is 'name'
+        # @param real_path [String] real path if it's not just the type (override type)
+        # @param item_list_key [String] key in the result to get the list of items (override type)
+        # @param query [Hash] additional query parameters
+        def lookup_entity_by_field(type:, value:, field: 'name', real_path: nil, item_list_key: nil, query: :default)
           if query.eql?(:default)
             Aspera.assert(field.eql?('name')){'Default query is on name only'}
             query = {'q'=> value}
@@ -301,12 +305,12 @@ module Aspera
 
         # list all packages with optional filter
         def list_packages_with_filter(query: {})
-          filter = options.get_next_argument('filter', mandatory: false, type: Proc, default: ->(_x){true})
+          filter = options.get_next_argument('filter', mandatory: false, validation: Proc, default: ->(_x){true})
           # translate box name to API prefix (with ending slash)
           box = options.get_option(:box)
           real_path =
             case box
-            when ExtendedValue::ALL then 'packages' # only admin can list all packages globally
+            when SpecialValues::ALL then 'packages' # only admin can list all packages globally
             when *API_LIST_MAILBOX_TYPES then "#{box}/packages"
             else
               group_type = options.get_option(:group_type)
@@ -335,12 +339,12 @@ module Aspera
           end
           packages = []
           case package_ids
-          when ExtendedValue::INIT
+          when SpecialValues::INIT
             Aspera.assert(skip_ids_persistency){'Only with option once_only'}
             skip_ids_persistency.data.clear.concat(list_packages_with_filter.map{|p|p['id']})
             skip_ids_persistency.save
             return Main.result_status("Initialized skip for #{skip_ids_persistency.data.count} package(s)")
-          when ExtendedValue::ALL
+          when SpecialValues::ALL
             # TODO: if packages have same name, they will overwrite ?
             packages = list_packages_with_filter(query: {'status' => 'completed'})
             Log.log.trace1{Log.dump(:package_ids, packages.map{|p|p['id']})}
@@ -381,8 +385,9 @@ module Aspera
               operation:   'POST',
               subpath:     "packages/#{pkg_id}/transfer_spec/download",
               headers:     {'Accept' => 'application/json'},
-              url_params:  download_params,
-              json_params: param_file_list
+              query:       download_params,
+              body:        param_file_list,
+              body_type:   :json
             )[:data]
             # delete flag for Connect Client
             transfer_spec.delete('authentication')
@@ -400,7 +405,7 @@ module Aspera
         # browse a folder
         # @param browse_endpoint [String] the endpoint to browse
         def browse_folder(browse_endpoint)
-          path = options.get_next_argument('folder path', mandatory: false, default: '/')
+          folders_to_process = [options.get_next_argument('folder path', mandatory: false, default: '/')]
           query = query_read_delete(default: {})
           query['filters'] = {} unless query.key?('filters')
           filters = query.delete('filters')
@@ -409,17 +414,16 @@ module Aspera
           max_items = query.delete('max')
           recursive = query.delete('recursive')
           all_items = []
-          folders_to_process = [path]
           until folders_to_process.empty?
             path = folders_to_process.shift
-            query.delete('iteration_token')
             loop do
               response = @api_v5.call(
                 operation:   'POST',
                 subpath:     browse_endpoint,
-                headers:     {'Accept' => 'application/json', 'Content-Type' => 'application/json'},
-                url_params:  query,
-                json_params: {'path' => path, 'filters' => filters})
+                headers:     {'Accept' => 'application/json'},
+                query:       query,
+                body:        {'path' => path, 'filters' => filters},
+                body_type:   :json)
               all_items.concat(response[:data]['items'])
               if recursive
                 folders_to_process.concat(response[:data]['items'].select{|i|i['type'].eql?('directory')}.map{|i|i['path']})
@@ -431,7 +435,9 @@ module Aspera
               iteration_token = response[:http][HEADER_ITERATION_TOKEN]
               break if iteration_token.nil? || iteration_token.empty?
               query['iteration_token'] = iteration_token
+              formatter.long_operation_running(all_items.count)
             end
+            query.delete('iteration_token')
           end
           return {type: :object_list, data: all_items}
         end
@@ -459,9 +465,14 @@ module Aspera
             ids = package_id
             ids = [ids] unless ids.is_a?(Array)
             Aspera.assert_type(ids, Array){'Package identifier'}
-            Aspera.assert(ids.all?(String)){'Package id shall be String'}
+            Aspera.assert(ids.all?(String)){"Package id(s) shall be String, but have: #{ids.map(&:class).uniq.join(', ')}"}
             # API returns 204, empty on success
-            @api_v5.call(operation: 'DELETE', subpath: 'packages', headers: {'Accept' => 'application/json'}, json_params: {ids: ids})
+            @api_v5.call(
+              operation: 'DELETE',
+              subpath:   'packages',
+              headers:   {'Accept' => 'application/json'},
+              body:      {ids: ids},
+              body_type: :json)
             return Main.result_status('Package(s) deleted')
           when :receive
             return package_receive(package_id)
@@ -483,8 +494,9 @@ module Aspera
                 operation:   'POST',
                 subpath:     "packages/#{package['id']}/transfer_spec/upload",
                 headers:     {'Accept' => 'application/json'},
-                url_params:  {transfer_type: TRANSFER_CONNECT},
-                json_params: {paths: transfer.source_list}
+                query:       {transfer_type: TRANSFER_CONNECT},
+                body:        {paths: transfer.source_list},
+                body_type:   :json
               )[:data]
               # well, we asked a TS for connect, but we actually want a generic one
               transfer_spec.delete('authentication')
@@ -492,7 +504,10 @@ module Aspera
             else
               # send from remote shared folder
               if (m = shared_folder.match(REGEX_LOOKUP_ID_BY_FIELD))
-                shared_folder = lookup_entity_by_field(type: 'shared_folders', value: m[2])['id']
+                shared_folder = lookup_entity_by_field(
+                  type: 'shared_folders',
+                  field: m[1],
+                  value: ExtendedValue.instance.evaluate(m[2]))['id']
               end
               transfer_request = {shared_folder_id: shared_folder, paths: transfer.source_list}
               # start remote transfer and get first status
@@ -510,7 +525,176 @@ module Aspera
               data:   list_packages_with_filter,
               fields: %w[id title release_date total_bytes total_files created_time state]
             }
-          end # case package
+          end
+        end
+
+        def execute_resource(res_type)
+          list_key = res_path = res_type.to_s
+          id_as_arg = false
+          display_fields = nil
+          adm_api = @api_v5
+          res_id_query = :default
+          delete_style = nil
+          available_commands = [].concat(Plugin::ALL_OPS)
+          case res_type
+          when :metadata_profiles
+            res_path = 'configuration/metadata_profiles'
+            list_key = 'profiles'
+          when :alternate_addresses
+            res_path = 'configuration/alternate_addresses'
+          when :distribution_lists
+            res_path = 'account/distribution_lists'
+            list_key = 'distribution_lists'
+            delete_style = 'ids'
+          when :email_notifications
+            list_key = false
+            id_as_arg = 'type'
+          when :accounts
+            display_fields = Formatter.all_but('user_profile_data_attributes')
+          when :oauth_clients
+            display_fields = Formatter.all_but('public_key')
+            adm_api = Rest.new(**@api_v5.params.merge(base_url: "#{@faspex5_api_base_url}/#{PATH_AUTH}"))
+          when :shared_inboxes, :workgroups
+            available_commands.push(:members, :saml_groups, :invite_external_collaborator)
+            res_id_query = {'all': true}
+          when :nodes
+            available_commands.push(:shared_folders, :browse)
+          end
+          res_command = options.get_next_command(available_commands)
+          case res_command
+          when *Plugin::ALL_OPS
+            return entity_command(
+              res_command, adm_api, res_path, item_list_key: list_key, display_fields: display_fields, id_as_arg: id_as_arg,
+              delete_style: delete_style) do |field, value|
+                     lookup_entity_by_field(
+                       type: res_type, value: value, field: field, real_path: res_path, item_list_key: list_key, query: res_id_query)['id']
+                   end
+          when :shared_folders
+            node_id = instance_identifier do |field, value|
+              lookup_entity_by_field(type: res_type, field: field, value: value)['id']
+            end
+            sh_path = "#{res_path}/#{node_id}/shared_folders"
+            sh_command = options.get_next_command([:user].concat(Plugin::ALL_OPS))
+            case sh_command
+            when *Plugin::ALL_OPS
+              return entity_command(sh_command, adm_api, sh_path, item_list_key: 'shared_folders') do |field, value|
+                       lookup_entity_by_field(type: 'shared_folders', real_path: sh_path, field: field, value: value)['id']
+                     end
+            when :user
+              sh_id = instance_identifier do |field, value|
+                lookup_entity_by_field(type: 'shared_folders', real_path: sh_path, field: field, value: value)['id']
+              end
+              user_path = "#{sh_path}/#{sh_id}/custom_access_users"
+              return entity_action(adm_api, user_path, item_list_key: 'users') do |field, value|
+                       lookup_entity_by_field(type: 'users', real_path: user_path, field: field, value: value)['id']
+                     end
+
+            end
+          when :browse
+            return browse_folder("#{res_path}/#{instance_identifier}/browse")
+          when :invite_external_collaborator
+            shared_inbox_id = instance_identifier { |field, value| lookup_entity_by_field(type: res_type.to_s, field: field, value: value, query: res_id_query)['id']}
+            creation_payload = value_create_modify(command: res_command, type: [Hash, String])
+            creation_payload = {'email_address' => creation_payload} if creation_payload.is_a?(String)
+            res_path = "#{res_type}/#{shared_inbox_id}/external_collaborator"
+            result = adm_api.create(res_path, creation_payload)[:data]
+            formatter.display_status(result['message'])
+            result = lookup_entity_by_field(
+              type: 'members',
+              real_path: "#{res_type}/#{shared_inbox_id}/members",
+              value: creation_payload['email_address'],
+              query: {})
+            return {type: :single_object, data: result}
+          when :members, :saml_groups
+            res_id = instance_identifier { |field, value| lookup_entity_by_field(type: res_type.to_s, field: field, value: value, query: res_id_query)['id']}
+            res_prefix = "#{res_type}/#{res_id}"
+            res_path = "#{res_prefix}/#{res_command}"
+            list_key = res_command.to_s
+            list_key = 'groups' if res_command.eql?(:saml_groups)
+            sub_command = options.get_next_command(%i[create list modify delete])
+            if sub_command.eql?(:create) && options.get_option(:value).nil?
+              raise "use option 'value' to provide saml group_id and access (refer to API)" unless res_command.eql?(:members)
+              # first arg is one user name or list of users
+              users = options.get_next_argument('user id, %name:, or Array')
+              users = [users] unless users.is_a?(Array)
+              users = users.map do |user|
+                if (m = user.match(REGEX_LOOKUP_ID_BY_FIELD))
+                  lookup_entity_by_field(
+                    type: 'accounts',
+                    field: m[1],
+                    value: ExtendedValue.instance.evaluate(m[2]),
+                    query: {type: Rest.array_params(%w{local_user saml_user self_registered_user external_user})})['id']
+                else
+                  # it's the user id (not member id...)
+                  user
+                end
+              end
+              access = options.get_next_argument('level', mandatory: false, accept_list: %i[submit_only standard shared_inbox_admin], default: :standard)
+              # TODO: unshift to command line parameters instead of using deprecated option "value"
+              options.set_option(:value, {user: users.map{|u|{id: u, access: access}}})
+            end
+            return entity_command(sub_command, adm_api, res_path, item_list_key: list_key) do |field, value|
+                     lookup_entity_by_field(
+                       type: 'accounts',
+                       field: field,
+                       value: value,
+                       query: {type: Rest.array_params(%w{local_user saml_user self_registered_user external_user})})['id']
+                   end
+          end
+        end
+
+        def execute_admin
+          command = options.get_next_command(%i[configuration smtp resource events clean_deleted].concat(ADMIN_RESOURCES).freeze)
+          case command
+          when :resource
+            # resource will be deprecated
+            Log.log.warn('resource command is deprecated (4.18), directly use the specific command instead')
+            return execute_resource(options.get_next_command(ADMIN_RESOURCES))
+          when *ADMIN_RESOURCES
+            return execute_resource(command)
+          when :clean_deleted
+            delete_data = value_create_modify(command: command, default: {days_before_deleting_package_records: 365})
+            res = @api_v5.create('internal/packages/clean_deleted', delete_data)
+            return {type: :single_object, data: res[:data]}
+          when :events
+            event_type = options.get_next_command(%i[application webhook])
+            case event_type
+            when :application
+              return {type: :object_list, data: list_entities(type: 'application_events'), fields: %w[event_type created_at application user.name]}
+            when :webhook
+              return {type: :object_list, data: list_entities(type: 'all_webhooks_events', item_list_key: 'events')}
+            end
+          when :configuration
+            conf_path = 'configuration'
+            conf_cmd = options.get_next_command(%i[show modify])
+            case conf_cmd
+            when :show
+              return { type: :single_object, data: @api_v5.read(conf_path)[:data] }
+            when :modify
+              return { type: :single_object, data: @api_v5.update(conf_path, value_create_modify(command: conf_cmd))[:data] }
+            end
+          when :smtp
+            smtp_path = 'configuration/smtp'
+            smtp_cmd = options.get_next_command(%i[show create modify delete test])
+            case smtp_cmd
+            when :show
+              return { type: :single_object, data: @api_v5.read(smtp_path)[:data] }
+            when :create
+              return { type: :single_object, data: @api_v5.create(smtp_path, value_create_modify(command: smtp_cmd))[:data] }
+            when :modify
+              return { type: :single_object, data: @api_v5.update(smtp_path, value_create_modify(command: smtp_cmd))[:data] }
+            when :delete
+              @api_v5.delete(smtp_path)[:data]
+              return Main.result_status('SMTP configuration deleted')
+            when :test
+              test_data = options.get_next_argument('Email or test data, see API')
+              test_data = {test_email_recipient: test_data} if test_data.is_a?(String)
+              creation = @api_v5.create(File.join(smtp_path, 'test'), test_data)[:data]
+              result = wait_for_job(creation['job_id'])
+              result['serialized_args'] = JSON.parse(result['serialized_args']) rescue result['serialized_args']
+              return { type: :single_object, data: result }
+            end
+          end
         end
 
         ACTIONS = %i[health version user bearer_token packages shared_folders admin gateway postprocessing invitations].freeze
@@ -541,12 +725,12 @@ module Aspera
               when :show
                 return { type: :single_object, data: @api_v5.read('account/preferences')[:data] }
               when :modify
-                @api_v5.update('account/preferences', options.get_next_argument('modified parameters', type: Hash))
+                @api_v5.update('account/preferences', options.get_next_argument('modified parameters', validation: Hash))
                 return Main.result_status('modified')
               end
             end
           when :bearer_token
-            return {type: :text, data: @api_v5.oauth_token}
+            return {type: :text, data: @api_v5.oauth.token}
           when :packages
             return package_action
           when :shared_folders
@@ -566,117 +750,7 @@ module Aspera
               return browse_folder("nodes/#{node['node_id']}/shared_folders/#{shared_folder_id}/browse")
             end
           when :admin
-            case options.get_next_command(%i[resource smtp].freeze)
-            when :resource
-              res_type = options.get_next_command(ADMIN_RESOURCES)
-              res_path = list_key = res_type.to_s
-              id_as_arg = false
-              display_fields = nil
-              adm_api = @api_v5
-              special_query = :default
-              available_commands = [].concat(Plugin::ALL_OPS)
-              case res_type
-              when :metadata_profiles
-                res_path = 'configuration/metadata_profiles'
-                list_key = 'profiles'
-              when :alternate_addresses
-                res_path = 'configuration/alternate_addresses'
-              when :email_notifications
-                list_key = false
-                id_as_arg = 'type'
-              when :accounts
-                display_fields = Formatter.all_but('user_profile_data_attributes')
-              when :oauth_clients
-                display_fields = Formatter.all_but('public_key')
-                adm_api = Rest.new(**@api_v5.params.merge(base_url: "#{@faspex5_api_base_url}/#{PATH_AUTH}"))
-              when :shared_inboxes, :workgroups
-                available_commands.push(:members, :saml_groups, :invite_external_collaborator)
-                special_query = {'all': true}
-              when :nodes
-                available_commands.push(:shared_folders, :browse)
-              end
-              res_command = options.get_next_command(available_commands)
-              case res_command
-              when *Plugin::ALL_OPS
-                return entity_command(res_command, adm_api, res_path, item_list_key: list_key, display_fields: display_fields, id_as_arg: id_as_arg) do |field, value|
-                  lookup_entity_by_field(
-                    type: res_type, real_path: res_path, field: field, value: value, query: special_query)['id']
-                end
-              when :shared_folders
-                node_id = instance_identifier do |field, value|
-                  lookup_entity_by_field(type: res_type.to_s, field: field, value: value)['id']
-                end
-                sh_path = "#{res_path}/#{node_id}/shared_folders"
-                return entity_action(adm_api, sh_path, item_list_key: 'shared_folders') do |field, value|
-                         lookup_entity_by_field(
-                           type: 'shared_folders', real_path: sh_path, field: field, value: value)['id']
-                       end
-              when :browse
-                return browse_folder("#{res_path}/#{instance_identifier}/browse")
-              when :invite_external_collaborator
-                shared_inbox_id = instance_identifier { |field, value| lookup_entity_by_field(type: res_type.to_s, field: field, value: value)['id']}
-                creation_payload = value_create_modify(command: res_command, type: [Hash, String])
-                creation_payload = {'email_address' => creation_payload} if creation_payload.is_a?(String)
-                res_path = "#{res_type}/#{shared_inbox_id}/external_collaborator"
-                result = adm_api.create(res_path, creation_payload)[:data]
-                formatter.display_status(result['message'])
-                result = lookup_entity_by_field(
-                  type: 'members', real_path: "#{res_type}/#{shared_inbox_id}/members", value: creation_payload['email_address'],
-                  query: {})
-                return {type: :single_object, data: result}
-              when :members, :saml_groups
-                res_id = instance_identifier { |field, value| lookup_entity_by_field(type: res_type.to_s, field: field, value: value)['id']}
-                res_prefix = "#{res_type}/#{res_id}"
-                res_path = "#{res_prefix}/#{res_command}"
-                list_key = res_command.to_s
-                list_key = 'groups' if res_command.eql?(:saml_groups)
-                sub_command = options.get_next_command(%i[create list modify delete])
-                if sub_command.eql?(:create) && options.get_option(:value).nil?
-                  raise "use option 'value' to provide saml group_id and access (refer to API)" unless res_command.eql?(:members)
-                  # first arg is one user name or list of users
-                  users = options.get_next_argument('user id, or email, or list of')
-                  users = [users] unless users.is_a?(Array)
-                  users = users.map do |user|
-                    if (m = user.match(REGEX_LOOKUP_ID_BY_FIELD))
-                      lookup_entity_by_field(
-                        type: 'accounts', field: m[1], value: m[2],
-                        query: {type: Rest.array_params(%w{local_user saml_user self_registered_user external_user})})['id']
-                    else
-                      # it's the user id (not member id...)
-                      user
-                    end
-                  end
-                  access = options.get_next_argument('level', mandatory: false, expected: %i[submit_only standard shared_inbox_admin], default: :standard)
-                  # TODO: unshift to command line parameters instead of using deprecated option "value"
-                  options.set_option(:value, {user: users.map{|u|{id: u, access: access}}})
-                end
-                return entity_command(sub_command, adm_api, res_path, item_list_key: list_key) do |field, value|
-                         lookup_entity_by_field(
-                           type: 'accounts', field: field, value: value,
-                           query: {type: Rest.array_params(%w{local_user saml_user self_registered_user external_user})})['id']
-                       end
-              end
-            when :smtp
-              smtp_path = 'configuration/smtp'
-              smtp_cmd = options.get_next_command(%i[show create modify delete test])
-              case smtp_cmd
-              when :show
-                return { type: :single_object, data: @api_v5.read(smtp_path)[:data] }
-              when :create
-                return { type: :single_object, data: @api_v5.create(smtp_path, value_create_modify(command: smtp_cmd))[:data] }
-              when :modify
-                return { type: :single_object, data: @api_v5.update(smtp_path, value_create_modify(command: smtp_cmd))[:data] }
-              when :delete
-                return { type: :single_object, data: @api_v5.delete(smtp_path)[:data] }
-              when :test
-                test_data = options.get_next_argument('Email or test data, see API')
-                test_data = {test_email_recipient: test_data} if test_data.is_a?(String)
-                creation = @api_v5.create(File.join(smtp_path, 'test'), test_data)[:data]
-                result = wait_for_job(creation['job_id'])
-                result['serialized_args'] = JSON.parse(result['serialized_args']) rescue result['serialized_args']
-                return { type: :single_object, data: result }
-              end
-            end
+            return execute_admin
           when :invitations
             invitation_endpoint = 'invitations'
             invitation_command = options.get_next_command(%i[resend].concat(Plugin::ALL_OPS))
@@ -692,7 +766,9 @@ module Aspera
             else
               return entity_command(
                 invitation_command, @api_v5, invitation_endpoint, item_list_key: invitation_endpoint,
-                display_fields: %w[id public recipient_type recipient_name email_address])
+                display_fields: %w[id public recipient_type recipient_name email_address]) do |field, value|
+                  lookup_entity_by_field(type: invitation_endpoint, field: field, value: value, query: {})['id']
+                end
             end
           when :gateway
             require 'aspera/faspex_gw'
@@ -714,9 +790,9 @@ module Aspera
             server.mount(uri.path, Faspex4PostProcServlet, parameters[:processing])
             server.start
             return Main.result_status('Gateway terminated')
-          end # case command
-        end # action
-      end # Faspex5
-    end # Plugins
-  end # Cli
-end # Aspera
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aspera/cli/plugins/faspio.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+require 'aspera/rest'
+require 'aspera/nagios'
+require 'aspera/cli/basic_auth_plugin'
+
+module Aspera
+  module Cli
+    module Plugins
+      class Faspio < BasicAuthPlugin
+        class << self
+          def application_name
+            'faspio Gateway'
+          end
+
+          def detect(base_url)
+            api = Rest.new(base_url: base_url)
+            ping_result = api.read('ping')
+            server_type = ping_result[:http]['Server']
+            return nil unless ping_result[:data].is_a?(Hash) && ping_result[:data].empty?
+            return nil unless server_type.is_a?(String) && server_type.include?('faspio')
+            return {
+              version: server_type.gsub(%r{^.*/}, ''),
+              url:     base_url
+            }
+          end
+        end
+        ACTIONS = %i[health bridges].freeze
+
+        def initialize(**env)
+          super
+          options.declare(:auth, 'OAuth type of authentication', values: %i[jwt basic])
+          options.declare(:client_id, 'OAuth client identifier')
+          options.declare(:private_key, 'OAuth JWT RSA private key PEM value (prefix file path with @file:)')
+          options.declare(:passphrase, 'OAuth JWT RSA private key passphrase')
+          options.parse_options!
+        end
+
+        def execute_action
+          base_url = options.get_option(:url, mandatory: true)
+          api =
+            case options.get_option(:auth, mandatory: true)
+            when :basic
+              basic_auth_api
+            when :jwt
+              app_client_id = options.get_option(:client_id, mandatory: true)
+              Rest.new(
+                base_url: base_url,
+                auth:     {
+                  type:            :oauth2,
+                  grant_method:    :jwt,
+                  base_url:        "#{base_url}/auth",
+                  client_id:       app_client_id,
+                  use_query:       true,
+                  payload:         {
+                    iss: app_client_id, # issuer
+                    sub: app_client_id  # subject
+                  },
+                  private_key_obj: OpenSSL::PKey::RSA.new(options.get_option(:private_key, mandatory: true), options.get_option(:passphrase)),
+                  headers:         {typ: 'JWT'}
+                })
+            end
+          command = options.get_next_command(ACTIONS)
+          case command
+          when :health
+            nagios = Nagios.new
+            begin
+              result = api.read('ping')[:data]
+              if result.is_a?(Hash) && result.empty?
+                nagios.add_ok('api', 'answered ok')
+              else
+                nagios.add_critical('api', 'not expected answer')
+              end
+            rescue StandardError => e
+              nagios.add_critical('api', e.to_s)
+            end
+            return nagios.result
+          when :bridges
+            return entity_action(api, 'bridges')
+          end
+        end
+      end
+    end
+  end
+end