enfcli 4.1.0.pre.beta → 5.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +4 -4
- data/lib/enfapi.rb +127 -169
- data/lib/enfapi/dns.rb +95 -0
- data/lib/enfapi/firewall.rb +37 -0
- data/lib/enfapi/user.rb +75 -0
- data/lib/enfcli.rb +51 -24
- data/lib/enfcli/commands/captive.rb +375 -14
- data/lib/enfcli/commands/user.rb +198 -153
- data/lib/enfcli/commands/xcr.rb +67 -48
- data/lib/enfcli/commands/xdns.rb +17 -10
- data/lib/enfcli/commands/xfw.rb +6 -3
- data/lib/enfcli/version.rb +2 -2
- metadata +7 -4
data/lib/enfcli/commands/user.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
#
|
2
|
-
# Copyright 2018 Xaptum,Inc
|
2
|
+
# Copyright 2018-2020 Xaptum,Inc
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -14,170 +14,138 @@
|
|
14
14
|
# limitations under the License.
|
15
15
|
#
|
16
16
|
require "enfthor"
|
17
|
-
require "enfapi"
|
17
|
+
require "enfapi/user"
|
18
18
|
|
19
19
|
module EnfCli
|
20
20
|
module Cmd
|
21
|
+
##
|
22
|
+
# This class handles the commands that maniupulate users and roles
|
21
23
|
class User < EnfThor
|
22
24
|
no_commands {
|
23
25
|
def display_invites(invites)
|
24
26
|
headings = ["Id", "User Name", "Full Name", "Invited By", "Invite Code"]
|
25
27
|
rows = invites.map { |hash|
|
26
|
-
[hash[:id], hash[:email], hash[:name], hash[:
|
28
|
+
[hash[:id], hash[:email], hash[:name], hash[:created_by], hash[:invite_token]]
|
27
29
|
}
|
28
30
|
|
29
31
|
render_table(headings, rows)
|
30
32
|
end
|
31
33
|
|
32
34
|
def display_users(users)
|
33
|
-
headings = ["Id", "
|
34
|
-
rows =
|
35
|
-
|
36
|
-
|
37
|
-
|
35
|
+
headings = ["Id", "Name", "Username", "Domain", "Last Login", "Status"]
|
36
|
+
rows = []
|
37
|
+
users.each do |hash|
|
38
|
+
hash[:roles].each do |role|
|
39
|
+
rows.push [hash[:id],
|
40
|
+
hash[:full_name],
|
41
|
+
hash[:username],
|
42
|
+
hash[:domain],
|
43
|
+
hash[:last_login],
|
44
|
+
hash[:status]]
|
45
|
+
end
|
46
|
+
end
|
38
47
|
render_table(headings, rows)
|
39
48
|
end
|
40
49
|
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
# get params
|
46
|
-
name = options[:'name'].join(" ").gsub(/\A"+(.*?)"+\Z/m, '\1')
|
47
|
-
email = options[:'email']
|
48
|
-
|
49
|
-
# call api
|
50
|
-
hash = { :email => email, :full_name => name, :welcome_text => "", :user_type => user_type }
|
51
|
-
data = EnfApi::API.instance.invite domain_network, hash
|
52
|
-
invite = data[:data]
|
53
|
-
display_invites invite
|
54
|
-
end
|
55
|
-
}
|
56
|
-
|
57
|
-
desc "invite-read-only-user", "Invite a domain user"
|
58
|
-
method_option :domain, :default => nil, :type => :string, :aliases => "-d"
|
59
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
60
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
50
|
+
# Display the roles as a table
|
51
|
+
def display_roles(roles)
|
52
|
+
headings = ["Cidr", "Role"]
|
61
53
|
|
62
|
-
|
63
|
-
|
64
|
-
# use the domain network of the user
|
65
|
-
domain_network = EnfCli::CTX.instance.session[:domain_network]
|
66
|
-
raise EnfCli::ERROR, "User not in a valid domain!" unless domain_network
|
67
|
-
|
68
|
-
# Get user role
|
69
|
-
user_role = EnfCli::CTX.instance.session[:type]
|
70
|
-
|
71
|
-
# check user roles
|
72
|
-
if user_role == "XAPTUM_ADMIN"
|
73
|
-
raise "--domain is required" unless options[:domain]
|
74
|
-
else
|
75
|
-
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow if options[:domain]
|
76
|
-
options[:domain] = domain_network
|
54
|
+
rows = roles.map do |role|
|
55
|
+
[role[:cidr], role[:role]]
|
77
56
|
end
|
78
57
|
|
79
|
-
|
58
|
+
render_table(headings, rows)
|
80
59
|
end
|
81
|
-
end
|
82
|
-
|
83
|
-
desc "invite-domain-admin-user", "Invite a domain administrator"
|
84
|
-
method_option :domain, :default => nil, :type => :string, :aliases => "-d"
|
85
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
86
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
87
|
-
|
88
|
-
def invite_domain_admin_user
|
89
|
-
try_with_rescue_in_session do
|
90
|
-
# use the domain network of the user
|
91
|
-
domain_network = EnfCli::CTX.instance.session[:domain_network]
|
92
|
-
raise EnfCli::ERROR, "User not in a valid domain!" unless domain_network
|
93
|
-
|
94
|
-
# Get user role
|
95
|
-
user_role = EnfCli::CTX.instance.session[:type]
|
96
|
-
|
97
|
-
# check user roles
|
98
|
-
if user_role == "XAPTUM_ADMIN"
|
99
|
-
raise "--domain is required" unless options[:domain]
|
100
|
-
else
|
101
|
-
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow if options[:domain]
|
102
|
-
options[:domain] = domain_network
|
103
|
-
end
|
104
60
|
|
105
|
-
|
61
|
+
def display_user_details(user)
|
62
|
+
display_users([user])
|
63
|
+
display_roles(user[:roles])
|
106
64
|
end
|
107
|
-
|
108
|
-
|
109
|
-
desc "invite-enf-admin-user", "Invite an ENF administrator"
|
110
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
111
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
65
|
+
}
|
112
66
|
|
113
|
-
|
67
|
+
desc "send-invite",
|
68
|
+
"Send an invite to a new user or one with a modified role."
|
69
|
+
method_option :email, type: :string, required: true, banner: "EMAIL",
|
70
|
+
desc: "Full email address of user to invite."
|
71
|
+
method_option :name, type: :array, required: true, banner: "NAME",
|
72
|
+
desc: "Full name of user to invite."
|
73
|
+
method_option :domain, type: :string, default: nil, banner: "DOMAIN",
|
74
|
+
aliases: "-d"
|
75
|
+
method_option :network, type: :string, default: nil, banner: "NETWORK",
|
76
|
+
aliases: "-n"
|
77
|
+
method_option :role, type: :string, default: nil, banner: "ROLE",
|
78
|
+
aliases: "-r"
|
79
|
+
|
80
|
+
def send_invite
|
114
81
|
try_with_rescue_in_session do
|
115
|
-
#
|
116
|
-
|
117
|
-
|
118
|
-
raise EnfCli::ERROR, "Only ENF Administrators can invite ENF Administrator" unless user_role == "XAPTUM_ADMIN"
|
82
|
+
# get params
|
83
|
+
name = options[:name].join(" ").gsub(/\A"+(.*?)"+\Z/m, '\1')
|
84
|
+
email = options[:email]
|
119
85
|
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
end
|
86
|
+
# get correct domain
|
87
|
+
domain = EnfCli::CTX.instance.session[:domain]
|
88
|
+
raise EnfCli::ERROR, "User not in a valid domain!" unless domain
|
124
89
|
|
125
|
-
|
126
|
-
|
127
|
-
|
90
|
+
# check if admin
|
91
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
92
|
+
raise EnfCli::ERROR, "--domain is required" unless options[:domain]
|
128
93
|
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
94
|
+
domain = options[:domain]
|
95
|
+
elsif options[:domain]
|
96
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
97
|
+
end
|
133
98
|
|
134
|
-
|
99
|
+
invite_hash = { email: email,
|
100
|
+
full_name: name,
|
101
|
+
domain: domain }
|
135
102
|
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
end
|
103
|
+
role = options[:role]
|
104
|
+
role = role.upcase if role
|
105
|
+
network = options[:network]
|
140
106
|
|
141
|
-
|
142
|
-
method_option :'captive-domain', :type => :string, :required => true, :banner => "CAPTIVE CONTROL DOMAIN"
|
143
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
144
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
107
|
+
roles_hash = nil
|
145
108
|
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
109
|
+
case role
|
110
|
+
when "XAPTUM_ADMIN", "IAM_ADMIN"
|
111
|
+
roles_hash = [{ cidr: "::/0", role: role }]
|
112
|
+
when "DOMAIN_ADMIN", "DOMAIN_USER", "CAPTIVE_ADMIN"
|
113
|
+
roles_hash = [{ cidr: domain, role: role }]
|
114
|
+
when "NETWORK_ADMIN", "NETWORK_USER"
|
115
|
+
roles_hash = [{ cidr: network, role: role }]
|
116
|
+
end
|
150
117
|
|
151
|
-
|
118
|
+
if roles_hash
|
119
|
+
invite_hash[:roles] = roles_hash
|
120
|
+
end
|
152
121
|
|
153
|
-
|
154
|
-
|
122
|
+
resp_data = EnfApi::UserManager.instance.invite invite_hash
|
123
|
+
invite = resp_data[:data]
|
124
|
+
display_invites invite
|
155
125
|
end
|
156
126
|
end
|
157
127
|
|
158
|
-
desc "
|
159
|
-
method_option :
|
128
|
+
desc "delete-invite", "Delete an invite"
|
129
|
+
method_option :id, type: :string, required: true
|
160
130
|
|
161
|
-
def
|
131
|
+
def delete_invite
|
162
132
|
try_with_rescue_in_session do
|
133
|
+
id = options[:id]
|
163
134
|
# call api
|
164
|
-
EnfApi::
|
165
|
-
|
166
|
-
# print success
|
167
|
-
say "Invite Canceled!", :green
|
135
|
+
EnfApi::UserManager.instance.delete_invite id
|
136
|
+
say "Invite: #{id} successfully deleted", :green
|
168
137
|
end
|
169
138
|
end
|
170
139
|
|
171
|
-
desc "resend-
|
172
|
-
method_option :
|
140
|
+
desc "resend-invite", "Resend an invite"
|
141
|
+
method_option :id, type: :string, required: true
|
173
142
|
|
174
|
-
def
|
143
|
+
def resend_invite
|
175
144
|
try_with_rescue_in_session do
|
145
|
+
id = options[:id]
|
176
146
|
# call api
|
177
|
-
EnfApi::
|
178
|
-
|
179
|
-
# print success
|
180
|
-
say "Resent invite email!", :green
|
147
|
+
EnfApi::UserManager.instance.resend_invite id
|
148
|
+
say "Resent invite: #{id}!", :green
|
181
149
|
end
|
182
150
|
end
|
183
151
|
|
@@ -187,78 +155,155 @@ module EnfCli
|
|
187
155
|
def list_invites
|
188
156
|
try_with_rescue_in_session do
|
189
157
|
# use the domain network of the user
|
190
|
-
|
191
|
-
raise EnfCli::ERROR, "User not in a valid domain!" unless domain_network
|
192
|
-
|
193
|
-
# Get user role
|
194
|
-
user_role = EnfCli::CTX.instance.session[:type]
|
158
|
+
domain = nil
|
195
159
|
|
196
|
-
#
|
197
|
-
if
|
198
|
-
|
199
|
-
|
200
|
-
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
160
|
+
# only XAPTUM_ADMIN can specify --domain (but doesn't have to)
|
161
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
162
|
+
domain = options[:domain] if options[:domain]
|
163
|
+
elsif options[:domain]
|
164
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
201
165
|
end
|
202
166
|
|
203
167
|
# call the api
|
204
|
-
data = EnfApi::
|
168
|
+
data = EnfApi::UserManager.instance.list_invites domain
|
205
169
|
invites = data[:data]
|
206
170
|
|
207
171
|
display_invites invites
|
208
172
|
end
|
209
173
|
end
|
210
174
|
|
211
|
-
desc "
|
212
|
-
method_option :
|
175
|
+
desc "get-user-details", "Get User Details"
|
176
|
+
method_option :email, required: true, type: :string, banner: "EMAIL",
|
177
|
+
aliases: "-e"
|
213
178
|
|
214
|
-
def
|
179
|
+
def get_user_details
|
215
180
|
try_with_rescue_in_session do
|
216
|
-
#
|
217
|
-
|
218
|
-
|
181
|
+
# call the api
|
182
|
+
data = EnfApi::UserManager.instance.get_user options[:email]
|
183
|
+
user = data[:data][0]
|
184
|
+
|
185
|
+
display_user_details user
|
186
|
+
end
|
187
|
+
end
|
219
188
|
|
220
|
-
|
221
|
-
|
189
|
+
desc "list-users", "List users"
|
190
|
+
method_option :domain, default: nil, type: :string, banner: "DOMAIN",
|
191
|
+
aliases: "-d"
|
192
|
+
method_option :network, default: nil, type: :string, banner: "NETWORK",
|
193
|
+
aliases: "-n"
|
222
194
|
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
195
|
+
def list_users
|
196
|
+
try_with_rescue_in_session do
|
197
|
+
domain = options[:domain]
|
198
|
+
network = options[:network]
|
199
|
+
|
200
|
+
## initalize query param
|
201
|
+
query_param = ""
|
202
|
+
if domain
|
203
|
+
query_param = "?domain=#{domain}"
|
204
|
+
elsif network
|
205
|
+
query_param = "?network=#{network}"
|
228
206
|
end
|
229
207
|
|
230
208
|
# call the api
|
231
|
-
data = EnfApi::
|
209
|
+
data = EnfApi::UserManager.instance.list_users query_param
|
232
210
|
users = data[:data]
|
233
211
|
|
234
212
|
display_users users
|
235
213
|
end
|
236
214
|
end
|
237
215
|
|
216
|
+
desc "list-user-roles", "List user roles"
|
217
|
+
method_option :email, type: :string, required: true, banner: "EMAIL"
|
218
|
+
method_option :network, default: nil, type: :string, banner: "NETWORK",
|
219
|
+
aliases: "-n"
|
220
|
+
|
221
|
+
def list_user_roles
|
222
|
+
try_with_rescue_in_session do
|
223
|
+
# call api
|
224
|
+
data = EnfApi::UserManager.instance.list_user_roles options[:email], options[:network]
|
225
|
+
roles = data[:data]
|
226
|
+
|
227
|
+
# print roles
|
228
|
+
display_roles roles
|
229
|
+
end
|
230
|
+
end
|
231
|
+
|
232
|
+
desc "delete-user-roles", "Remove a user's roles"
|
233
|
+
method_option :email, type: :string, required: true, banner: "EMAIL"
|
234
|
+
method_option :network, default: nil, type: :string, banner: "NETWORK",
|
235
|
+
aliases: "-n",
|
236
|
+
desc: 'Can be a /64 cidr or "ALL"'
|
237
|
+
method_option :roles, type: :string, required: true, banner: "ROLES",
|
238
|
+
aliases: "-r",
|
239
|
+
desc: "Can be a valid DOMAIN or NETWORK role. " \
|
240
|
+
"Can take '*' wildcards."
|
241
|
+
|
242
|
+
def delete_user_roles
|
243
|
+
try_with_rescue_in_session do
|
244
|
+
user_id = options[:email]
|
245
|
+
roles = options[:roles]
|
246
|
+
roles = roles.upcase if roles
|
247
|
+
network = options[:network]
|
248
|
+
|
249
|
+
if roles[0..6] == "NETWORK" && !network
|
250
|
+
raise EnfCli::ERROR, "--network option must be included for --roles=#{roles}"
|
251
|
+
end
|
252
|
+
|
253
|
+
EnfApi::UserManager.instance.delete_user_roles user_id, roles, network
|
254
|
+
say "Role: #{roles} successfully removed from user: #{user_id}", :green
|
255
|
+
end
|
256
|
+
end
|
257
|
+
|
238
258
|
desc "deactivate-user", "Deactivate User"
|
239
|
-
method_option :
|
259
|
+
method_option :email, required: true, type: :string, banner: "EMAIL"
|
240
260
|
|
241
261
|
def deactivate_user
|
242
262
|
try_with_rescue_in_session do
|
243
|
-
|
244
263
|
## call the api
|
245
|
-
status = { :
|
246
|
-
EnfApi::
|
264
|
+
status = { status: "INACTIVE" }
|
265
|
+
EnfApi::UserManager.instance.update_user_status options[:email], status
|
247
266
|
|
248
267
|
say "Deactivated user!", :green
|
249
268
|
end
|
250
269
|
end
|
251
270
|
|
271
|
+
desc "add-user-role", "Add a new role to the specified rule."
|
272
|
+
method_option :email, type: :string, required: true, banner: "EMAIL"
|
273
|
+
method_option :cidr, type: :string, required: true, banner: "CIDR",
|
274
|
+
desc: "Can be a /64 cidr for NETWORK user or " \
|
275
|
+
"/48 cidr for DOMAIN user."
|
276
|
+
method_option :role, type: :string, required: true, banner: "ROLE",
|
277
|
+
aliases: "-r",
|
278
|
+
desc: "Can be a valid DOMAIN or NETWORK role. ",
|
279
|
+
enum: ["XAPTUM_ADMIN", "DOMAIN_ADMIN", "DOMAIN_USER", "NETWORK_ADMIN", "NETWORK_USER", "CAPTIVE_ADMIN", "IAM_ADMIN"]
|
280
|
+
|
281
|
+
def add_user_role
|
282
|
+
try_with_rescue_in_session do
|
283
|
+
## get options
|
284
|
+
email = options[:email]
|
285
|
+
role = options[:role]
|
286
|
+
role = role.upcase if role
|
287
|
+
cidr = EnfCli::IPV6Cidr.new(options[:cidr]).to_s
|
288
|
+
|
289
|
+
## call api
|
290
|
+
role_hash = [{ cidr: cidr, role: role }]
|
291
|
+
resp = EnfApi::UserManager.instance.add_user_role email, role_hash
|
292
|
+
resp_roles = resp[:data]
|
293
|
+
|
294
|
+
## display response
|
295
|
+
display_roles resp_roles
|
296
|
+
end
|
297
|
+
end
|
298
|
+
|
252
299
|
desc "activate-user", "Activate User"
|
253
|
-
method_option :
|
300
|
+
method_option :email, required: true, type: :string, banner: "EMAIL"
|
254
301
|
|
255
302
|
def activate_user
|
256
303
|
try_with_rescue_in_session do
|
257
|
-
|
258
304
|
## call the api
|
259
|
-
status = { :
|
260
|
-
EnfApi::
|
261
|
-
|
305
|
+
status = { status: "ACTIVE" }
|
306
|
+
EnfApi::UserManager.instance.update_user_status options[:email], status
|
262
307
|
say "Activated user!", :green
|
263
308
|
end
|
264
309
|
end
|
data/lib/enfcli/commands/xcr.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
#
|
2
|
-
# Copyright 2018 Xaptum,Inc
|
2
|
+
# Copyright 2018-2020 Xaptum,Inc
|
3
3
|
#
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
5
5
|
# you may not use this file except in compliance with the License.
|
@@ -26,8 +26,8 @@ module EnfCli
|
|
26
26
|
[hash[:ipv6],
|
27
27
|
hash[:name],
|
28
28
|
hash[:state],
|
29
|
-
hash[:state] == "OFFLINE" ? "" : hash[:
|
30
|
-
hash[:state] == "OFFLINE" ? "" : hash[:
|
29
|
+
hash[:state] == "OFFLINE" ? "" : hash[:last_event][:asn_org],
|
30
|
+
hash[:state] == "OFFLINE" ? "" : hash[:last_event][:remote_ip]]
|
31
31
|
}
|
32
32
|
render_table(headings, rows, options.file)
|
33
33
|
end
|
@@ -41,23 +41,23 @@ module EnfCli
|
|
41
41
|
end
|
42
42
|
|
43
43
|
def display_domains(domains)
|
44
|
-
headings = ["Name", "
|
44
|
+
headings = ["Name", "Cidr", "Status"]
|
45
45
|
rows = domains.map { |hash|
|
46
|
-
[hash[:name], hash[:
|
46
|
+
[hash[:name], hash[:cidr], hash[:status]]
|
47
47
|
}
|
48
48
|
render_table(headings, rows)
|
49
49
|
end
|
50
50
|
|
51
51
|
def display_networks(networks)
|
52
|
-
headings = ["Name", "
|
52
|
+
headings = ["Name", "Cidr", "Description", "Status"]
|
53
53
|
rows = networks.map { |hash|
|
54
|
-
[hash[:name], hash[:
|
54
|
+
[hash[:name], hash[:cidr], hash[:description], hash[:status]]
|
55
55
|
}
|
56
56
|
render_table(headings, rows)
|
57
57
|
end
|
58
58
|
|
59
59
|
def display_network(network)
|
60
|
-
network_cidr = network[:
|
60
|
+
network_cidr = network[:cidr]
|
61
61
|
name = network[:name] || ""
|
62
62
|
description = network[:description] || ""
|
63
63
|
status = network[:status] || ""
|
@@ -104,13 +104,26 @@ module EnfCli
|
|
104
104
|
}
|
105
105
|
|
106
106
|
desc "list-networks", "List all virtual networks in domain"
|
107
|
+
method_option :domain, type: :string, default: nil, banner: "/48 CIDR",
|
108
|
+
aliases: "-d"
|
107
109
|
|
108
110
|
def list_networks
|
109
111
|
try_with_rescue_in_session do
|
110
|
-
|
112
|
+
# get correct domain
|
113
|
+
domain = EnfCli::CTX.instance.session[:domain]
|
114
|
+
raise EnfCli::ERROR, "User not in a valid domain!" unless domain
|
115
|
+
|
116
|
+
# check if admin
|
117
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
118
|
+
raise EnfCli::ERROR, "--domain is required" unless options[:domain]
|
119
|
+
|
120
|
+
domain = options[:domain]
|
121
|
+
elsif options[:domain]
|
122
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
123
|
+
end
|
111
124
|
|
112
125
|
# Call the api
|
113
|
-
data = EnfApi::API.instance.list_domain_nws
|
126
|
+
data = EnfApi::API.instance.list_domain_nws domain
|
114
127
|
networks = data[:data]
|
115
128
|
|
116
129
|
# display table
|
@@ -120,13 +133,24 @@ module EnfCli
|
|
120
133
|
|
121
134
|
desc "provision-network", "Provision a Network"
|
122
135
|
method_option :name, :type => :array, :required => true, :banner => "NAME"
|
136
|
+
method_option :domain, type: :string, default: nil, banner: "/48 CIDR",
|
137
|
+
aliases: "-d"
|
123
138
|
method_option :description, :type => :array, :banner => "DESCRIPTION"
|
124
139
|
|
125
140
|
def provision_network
|
126
141
|
try_with_rescue_in_session do
|
127
|
-
#
|
128
|
-
|
129
|
-
raise EnfCli::ERROR, "User
|
142
|
+
# get correct domain
|
143
|
+
domain = EnfCli::CTX.instance.session[:domain]
|
144
|
+
raise EnfCli::ERROR, "User not in a valid domain!" unless domain
|
145
|
+
|
146
|
+
# check if admin
|
147
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
148
|
+
raise EnfCli::ERROR, "--domain is required" unless options[:domain]
|
149
|
+
|
150
|
+
domain = options[:domain]
|
151
|
+
elsif options[:domain]
|
152
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
153
|
+
end
|
130
154
|
|
131
155
|
# Get options
|
132
156
|
description = ""
|
@@ -136,10 +160,9 @@ module EnfCli
|
|
136
160
|
# Call the api
|
137
161
|
hash = {
|
138
162
|
:name => network_name,
|
139
|
-
:domain_id => domain_id,
|
140
163
|
:description => description,
|
141
164
|
}
|
142
|
-
data = EnfApi::API.instance.create_nw hash
|
165
|
+
data = EnfApi::API.instance.create_nw domain, hash
|
143
166
|
networks = data[:data]
|
144
167
|
|
145
168
|
# display table
|
@@ -211,10 +234,10 @@ module EnfCli
|
|
211
234
|
|
212
235
|
# call api
|
213
236
|
data = { :data => [] }
|
214
|
-
|
215
|
-
|
237
|
+
|
238
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
216
239
|
data = EnfApi::API.instance.list_domains
|
217
|
-
|
240
|
+
elsif EnfCli::CTX.instance.has_role?("DOMAIN_ADMIN")
|
218
241
|
data = EnfApi::API.instance.get_domain session[:domain_id]
|
219
242
|
end
|
220
243
|
|
@@ -252,13 +275,13 @@ module EnfCli
|
|
252
275
|
end
|
253
276
|
|
254
277
|
desc "list-domain-rate-limits", "List domain rate limits"
|
255
|
-
method_option :
|
278
|
+
method_option :domain, :type => :string, :required => true, :banner => "/48 CIDR"
|
256
279
|
method_option :filter, :type => :string, :enum => ["default", "max"]
|
257
280
|
|
258
281
|
def list_domain_rate_limits
|
259
282
|
try_with_rescue_in_session do
|
260
283
|
# Call the api
|
261
|
-
data = EnfApi::API.instance.get_domain_rate_limits options[:
|
284
|
+
data = EnfApi::API.instance.get_domain_rate_limits options[:domain], options[:filter]
|
262
285
|
|
263
286
|
# Get the limits
|
264
287
|
limits = data[:data][0]
|
@@ -274,7 +297,7 @@ module EnfCli
|
|
274
297
|
end
|
275
298
|
|
276
299
|
desc "list-network-rate-limits", "List network rate limits"
|
277
|
-
method_option :network, :type => :string, :required => true
|
300
|
+
method_option :network, :type => :string, :required => true, :banner => "/64 CIDR"
|
278
301
|
method_option :filter, :type => :string, :enum => ["default", "max"]
|
279
302
|
|
280
303
|
def list_network_rate_limits
|
@@ -318,12 +341,12 @@ module EnfCli
|
|
318
341
|
end
|
319
342
|
|
320
343
|
desc "activate-domain", "Activate a customer's /48 domain"
|
321
|
-
method_option :
|
344
|
+
method_option :domain, :type => :string, :required => true, banner: "/48 CIDR"
|
322
345
|
|
323
346
|
def activate_domain
|
324
347
|
try_with_rescue_in_session do
|
325
348
|
# Call api
|
326
|
-
data = EnfApi::API.instance.update_domain_status options[:
|
349
|
+
data = EnfApi::API.instance.update_domain_status options[:domain], { :status => "ACTIVE" }
|
327
350
|
domains = data[:data]
|
328
351
|
|
329
352
|
# Display the data
|
@@ -333,12 +356,12 @@ module EnfCli
|
|
333
356
|
end
|
334
357
|
|
335
358
|
desc "deactivate-domain", "Deactivate a customer's /48 domain"
|
336
|
-
method_option :
|
359
|
+
method_option :domain, :type => :string, :required => true, banner: "/48 CIDR"
|
337
360
|
|
338
361
|
def deactivate_domain
|
339
362
|
try_with_rescue_in_session do
|
340
363
|
# Call api
|
341
|
-
data = EnfApi::API.instance.update_domain_status options[:
|
364
|
+
data = EnfApi::API.instance.update_domain_status options[:domain], { :status => "READY" }
|
342
365
|
domains = data[:data]
|
343
366
|
|
344
367
|
# Display the data
|
@@ -348,12 +371,12 @@ module EnfCli
|
|
348
371
|
end
|
349
372
|
|
350
373
|
desc "set-domain-rate-limits", "Update a customer /48 domain's endpoint rate limits"
|
351
|
-
method_option :
|
374
|
+
method_option :domain, :type => :string, :required => true, banner: "/48 CIDR"
|
352
375
|
method_option :limit, :type => :string, :enum => ["default", "max"], :required => true
|
353
|
-
method_option :'packets-per-second', :type => :numeric, :required => true
|
354
|
-
method_option :'packets-burst-size', :type => :numeric, :required => true
|
355
|
-
method_option :'bytes-per-second', :type => :numeric, :required => true
|
356
|
-
method_option :'bytes-burst-size', :type => :numeric, :required => true
|
376
|
+
method_option :'packets-per-second', :type => :numeric, :required => true, aliases: "-p"
|
377
|
+
method_option :'packets-burst-size', :type => :numeric, :required => true, aliases: "-P"
|
378
|
+
method_option :'bytes-per-second', :type => :numeric, :required => true, aliases: "-b"
|
379
|
+
method_option :'bytes-burst-size', :type => :numeric, :required => true, aliases: "-B"
|
357
380
|
|
358
381
|
def set_domain_rate_limits
|
359
382
|
try_with_rescue_in_session do
|
@@ -364,7 +387,7 @@ module EnfCli
|
|
364
387
|
:bytes_per_second => options["bytes-per-second"],
|
365
388
|
:bytes_burst_size => options["bytes-burst-size"],
|
366
389
|
}
|
367
|
-
data = EnfApi::API.instance.update_domain_rate_limits options[:
|
390
|
+
data = EnfApi::API.instance.update_domain_rate_limits options[:domain], options[:limit], hash
|
368
391
|
limits = data[:data][0]
|
369
392
|
|
370
393
|
# The Api returns only the rate limits object. Have to add type explicitly to display
|
@@ -378,10 +401,10 @@ module EnfCli
|
|
378
401
|
desc "set-network-rate-limits", "Update a customer /64 network's endpoint rate limits"
|
379
402
|
method_option :network, :type => :string, :required => true
|
380
403
|
method_option :limit, :type => :string, :enum => ["default", "max"], :required => true
|
381
|
-
method_option :'packets-per-second', :type => :numeric, :required => true
|
382
|
-
method_option :'packets-burst-size', :type => :numeric, :required => true
|
383
|
-
method_option :'bytes-per-second', :type => :numeric, :required => true
|
384
|
-
method_option :'bytes-burst-size', :type => :numeric, :required => true
|
404
|
+
method_option :'packets-per-second', :type => :numeric, :required => true, aliases: "-p"
|
405
|
+
method_option :'packets-burst-size', :type => :numeric, :required => true, aliases: "-P"
|
406
|
+
method_option :'bytes-per-second', :type => :numeric, :required => true, aliases: "-b"
|
407
|
+
method_option :'bytes-burst-size', :type => :numeric, :required => true, aliases: "-B"
|
385
408
|
|
386
409
|
def set_network_rate_limits
|
387
410
|
try_with_rescue_in_session do
|
@@ -427,10 +450,10 @@ module EnfCli
|
|
427
450
|
desc "set-endpoint-rate-limits", "Update an ipv6 endpoint rate limits"
|
428
451
|
method_option :ipv6, :type => :string, :required => true
|
429
452
|
method_option :limit, :type => :string, :enum => ["current", "max"], :required => true
|
430
|
-
method_option :'packets-per-second', :type => :numeric, :required => true
|
431
|
-
method_option :'packets-burst-size', :type => :numeric, :required => true
|
432
|
-
method_option :'bytes-per-second', :type => :numeric, :required => true
|
433
|
-
method_option :'bytes-burst-size', :type => :numeric, :required => true
|
453
|
+
method_option :'packets-per-second', :type => :numeric, :required => true, aliases: "-p"
|
454
|
+
method_option :'packets-burst-size', :type => :numeric, :required => true, aliases: "-P"
|
455
|
+
method_option :'bytes-per-second', :type => :numeric, :required => true, aliases: "-b"
|
456
|
+
method_option :'bytes-burst-size', :type => :numeric, :required => true, aliases: "-B"
|
434
457
|
|
435
458
|
def set_endpoint_rate_limits
|
436
459
|
try_with_rescue_in_session do
|
@@ -474,17 +497,13 @@ module EnfCli
|
|
474
497
|
end
|
475
498
|
|
476
499
|
desc "list-endpoints", "List all connections in a network"
|
477
|
-
method_option :network, :type => :string, :required => true
|
500
|
+
method_option :network, :type => :string, :required => true, banner: "/48 CIDR"
|
478
501
|
method_option :file, :type => :string, :aliases => "-f"
|
479
502
|
|
480
503
|
def list_endpoints
|
481
504
|
try_with_rescue_in_session do
|
482
|
-
# verify domain context is set
|
483
|
-
domain_id = EnfCli::CTX.instance.session[:domain_id]
|
484
|
-
raise EnfCli::ERROR, "User's domain not available!" if !domain_id || domain_id < 0
|
485
|
-
|
486
505
|
# call api
|
487
|
-
data = EnfApi::API.instance.list_nw_connections
|
506
|
+
data = EnfApi::API.instance.list_nw_connections options.network
|
488
507
|
cxns = data[:data]
|
489
508
|
|
490
509
|
# display table
|
@@ -550,15 +569,15 @@ module EnfCli
|
|
550
569
|
end
|
551
570
|
|
552
571
|
desc "activate-enf-network", "Active a /34 enf network"
|
553
|
-
method_option :
|
572
|
+
method_option :cidr, :type => :string, :required => true
|
554
573
|
|
555
574
|
def activate_enfnw
|
556
575
|
try_with_rescue_in_session do
|
557
576
|
# Call the api
|
558
|
-
EnfApi::API.instance.activate_enfnw options.
|
577
|
+
EnfApi::API.instance.activate_enfnw options.cidr
|
559
578
|
|
560
579
|
# Print success
|
561
|
-
say "Activated Enf Network #{options.
|
580
|
+
say "Activated Enf Network #{options.cidr}!", :green
|
562
581
|
end
|
563
582
|
end
|
564
583
|
end # class
|