conjur-cli 2.1.5 → 2.1.6
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/conjur/command/assets.rb +42 -1
- data/lib/conjur/version.rb +1 -1
- metadata +2 -2
|
@@ -13,7 +13,7 @@ class Conjur::Command::Assets < Conjur::Command
|
|
|
13
13
|
kind = require_arg(args, 'kind').gsub('-', '_')
|
|
14
14
|
|
|
15
15
|
m = "create_#{kind}"
|
|
16
|
-
record = if api.method(m).arity
|
|
16
|
+
record = if [ 1, -1 ].member?(api.method(m).arity)
|
|
17
17
|
id = args.shift
|
|
18
18
|
if id
|
|
19
19
|
options[:id] = id
|
|
@@ -57,4 +57,45 @@ class Conjur::Command::Assets < Conjur::Command
|
|
|
57
57
|
end
|
|
58
58
|
end
|
|
59
59
|
end
|
|
60
|
+
|
|
61
|
+
desc "Add a member to an asset"
|
|
62
|
+
arg_name "kind id role-name member"
|
|
63
|
+
command :"members:add" do |c|
|
|
64
|
+
c.desc "Grant with admin option"
|
|
65
|
+
c.flag [:a, :admin]
|
|
66
|
+
|
|
67
|
+
c.action do |global_options, options, args|
|
|
68
|
+
kind = require_arg(args, "kind").gsub('-', '_')
|
|
69
|
+
id = require_arg(args, "resource-id")
|
|
70
|
+
role_name = require_arg(args, 'role-name')
|
|
71
|
+
member = require_arg(args, 'member')
|
|
72
|
+
admin_option = !options.delete(:admin).nil?
|
|
73
|
+
|
|
74
|
+
asset = api.send(kind, id)
|
|
75
|
+
tokens = [ asset.resource_kind, asset.resource_id, role_name ]
|
|
76
|
+
grant_role = [ asset.core_conjur_account, '@', tokens.join('/') ].join(':')
|
|
77
|
+
api.role(grant_role).grant_to member, admin_option
|
|
78
|
+
|
|
79
|
+
puts "Membership granted"
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
desc "Remove a member from an asset"
|
|
84
|
+
arg_name "kind id role-name member"
|
|
85
|
+
command :"members:remove" do |c|
|
|
86
|
+
c.action do |global_options, options, args|
|
|
87
|
+
kind = require_arg(args, "kind").gsub('-', '_')
|
|
88
|
+
id = require_arg(args, "resource-id")
|
|
89
|
+
role_name = require_arg(args, 'role-name')
|
|
90
|
+
member = require_arg(args, 'member')
|
|
91
|
+
admin_option = !options.delete(:admin).nil?
|
|
92
|
+
|
|
93
|
+
asset = api.send(kind, id)
|
|
94
|
+
tokens = [ asset.resource_kind, asset.resource_id, role_name ]
|
|
95
|
+
grant_role = [ asset.core_conjur_account, '@', tokens.join('/') ].join(':')
|
|
96
|
+
api.role(grant_role).revoke_from member
|
|
97
|
+
|
|
98
|
+
puts "Membership revoked"
|
|
99
|
+
end
|
|
100
|
+
end
|
|
60
101
|
end
|
data/lib/conjur/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: conjur-cli
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.6
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2013-05-
|
|
13
|
+
date: 2013-05-17 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: conjur-api
|