conjur-cli 2.4.0 → 2.4.1
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/conjur/cli.rb +1 -1
- data/lib/conjur/command/resources.rb +5 -0
- data/lib/conjur/command/roles.rb +7 -2
- data/lib/conjur/version.rb +1 -1
- data/spec/command/roles_spec.rb +58 -26
- metadata +3 -3
data/lib/conjur/cli.rb
CHANGED
@@ -50,7 +50,7 @@ module Conjur
|
|
50
50
|
if as_role = options.delete(:"as-role")
|
51
51
|
role = Conjur::Command.api.role(as_role)
|
52
52
|
exit_now!("Role '#{as_role}' does not exist, or you don't have permission to use it") unless role.exists?
|
53
|
-
options[:"ownerid"] = role.
|
53
|
+
options[:"ownerid"] = role.roleid
|
54
54
|
end
|
55
55
|
|
56
56
|
true
|
@@ -14,6 +14,11 @@ class Conjur::Command::Resources < Conjur::Command
|
|
14
14
|
kind = require_arg(args, "kind")
|
15
15
|
id = require_arg(args, "resource-id")
|
16
16
|
resource = api.resource([ conjur_account, kind, id ].join(':'))
|
17
|
+
|
18
|
+
if ownerid = options.delete(:ownerid)
|
19
|
+
options[:acting_as] = ownerid
|
20
|
+
end
|
21
|
+
|
17
22
|
resource.create(options)
|
18
23
|
display resource.attributes
|
19
24
|
end
|
data/lib/conjur/command/roles.rb
CHANGED
@@ -12,6 +12,11 @@ class Conjur::Command::Roles < Conjur::Command
|
|
12
12
|
c.action do |global_options,options,args|
|
13
13
|
id = require_arg(args, 'role')
|
14
14
|
role = api.role(id)
|
15
|
+
|
16
|
+
if ownerid = options.delete(:ownerid)
|
17
|
+
options[:acting_as] = ownerid
|
18
|
+
end
|
19
|
+
|
15
20
|
role.create(options)
|
16
21
|
puts "Created #{role}"
|
17
22
|
end
|
@@ -41,11 +46,11 @@ class Conjur::Command::Roles < Conjur::Command
|
|
41
46
|
arg_name "role"
|
42
47
|
command :members do |c|
|
43
48
|
c.desc "Verbose output"
|
44
|
-
c.switch [:
|
49
|
+
c.switch [:V,:verbose]
|
45
50
|
|
46
51
|
c.action do |global_options,options,args|
|
47
52
|
role = args.shift || api.user(api.username).roleid
|
48
|
-
result = if options[:
|
53
|
+
result = if options[:V]
|
49
54
|
api.role(role).members.collect {|member|
|
50
55
|
{
|
51
56
|
member: member.member.roleid,
|
data/lib/conjur/version.rb
CHANGED
data/spec/command/roles_spec.rb
CHANGED
@@ -1,40 +1,72 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Conjur::Command::Roles, logged_in: true do
|
4
|
-
let(:all_roles) { %w(foo:user:joerandom foo:something:cool foo:something:else foo:group:admins) }
|
5
|
-
let(:role) do
|
6
|
-
double "the role", all: all_roles.map{|r| double r, roleid: r }
|
7
|
-
end
|
8
|
-
|
9
|
-
before do
|
10
|
-
api.stub(:role).with(rolename).and_return role
|
11
|
-
end
|
12
4
|
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
JSON::parse(expect { invoke }.to write).should == all_roles
|
5
|
+
describe "role:create" do
|
6
|
+
describe_command "role:create test:the-role" do
|
7
|
+
it "creates the role with no options" do
|
8
|
+
Conjur::Role.any_instance.should_receive(:create).with({})
|
9
|
+
|
10
|
+
invoke
|
20
11
|
end
|
21
12
|
end
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
13
|
+
describe_command "role:create --as-role test:foo test:the-role" do
|
14
|
+
it "creates the role with acting_as option" do
|
15
|
+
api.should_receive(:role).with("test:foo").and_return double("test:foo", exists?: true, roleid: "test:test:foo")
|
16
|
+
api.should_receive(:role).with("test:the-role").and_return role = double("new-role")
|
17
|
+
role.should_receive(:create).with({acting_as: "test:test:foo"})
|
18
|
+
|
19
|
+
invoke
|
20
|
+
end
|
21
|
+
end
|
22
|
+
describe_command "role:create --as-group the-group test:the-role" do
|
23
|
+
it "creates the role with with acting_as option" do
|
24
|
+
api.should_receive(:group).with("the-group").and_return group = double("the-group", roleid: "test:group:the-group")
|
25
|
+
api.should_receive(:role).with(group.roleid).and_return double("group:the-group", exists?: true, roleid: "test:group:the-group")
|
26
|
+
api.should_receive(:role).with("test:the-role").and_return role = double("new-role")
|
27
|
+
role.should_receive(:create).with({acting_as: "test:group:the-group"})
|
28
|
+
|
29
|
+
invoke
|
27
30
|
end
|
28
31
|
end
|
29
32
|
end
|
30
33
|
|
31
|
-
|
32
|
-
let(:
|
33
|
-
let(:
|
34
|
+
describe "role:memberships" do
|
35
|
+
let(:all_roles) { %w(foo:user:joerandom foo:something:cool foo:something:else foo:group:admins) }
|
36
|
+
let(:role) do
|
37
|
+
double "the role", all: all_roles.map{|r| double r, roleid: r }
|
38
|
+
end
|
39
|
+
|
40
|
+
before do
|
41
|
+
api.stub(:role).with(rolename).and_return role
|
42
|
+
end
|
34
43
|
|
35
|
-
|
36
|
-
|
37
|
-
|
44
|
+
context "when logged in as a user" do
|
45
|
+
let(:username) { "joerandom" }
|
46
|
+
let(:rolename) { "user:joerandom" }
|
47
|
+
|
48
|
+
describe_command "role:memberships" do
|
49
|
+
it "lists all roles" do
|
50
|
+
JSON::parse(expect { invoke }.to write).should == all_roles
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
describe_command "role:memberships foo:bar" do
|
55
|
+
let(:rolename) { 'foo:bar' }
|
56
|
+
it "lists all roles of foo:bar" do
|
57
|
+
JSON::parse(expect { invoke }.to write).should == all_roles
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
context "when logged in as a host" do
|
63
|
+
let(:username) { "host/foobar" }
|
64
|
+
let(:rolename) { "host:foobar" }
|
65
|
+
|
66
|
+
describe_command "role:memberships" do
|
67
|
+
it "lists all roles" do
|
68
|
+
JSON::parse(expect { invoke }.to write).should == all_roles
|
69
|
+
end
|
38
70
|
end
|
39
71
|
end
|
40
72
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-cli
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.4.
|
4
|
+
version: 2.4.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -246,7 +246,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
246
246
|
version: '0'
|
247
247
|
segments:
|
248
248
|
- 0
|
249
|
-
hash: -
|
249
|
+
hash: -619613034249408123
|
250
250
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
251
251
|
none: false
|
252
252
|
requirements:
|
@@ -255,7 +255,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
255
255
|
version: '0'
|
256
256
|
segments:
|
257
257
|
- 0
|
258
|
-
hash: -
|
258
|
+
hash: -619613034249408123
|
259
259
|
requirements: []
|
260
260
|
rubyforge_project:
|
261
261
|
rubygems_version: 1.8.25
|