enfcli 4.1.0.pre.beta → 5.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +4 -4
- data/lib/enfapi.rb +127 -169
- data/lib/enfapi/dns.rb +95 -0
- data/lib/enfapi/firewall.rb +37 -0
- data/lib/enfapi/user.rb +75 -0
- data/lib/enfcli.rb +51 -24
- data/lib/enfcli/commands/captive.rb +375 -14
- data/lib/enfcli/commands/user.rb +198 -153
- data/lib/enfcli/commands/xcr.rb +67 -48
- data/lib/enfcli/commands/xdns.rb +17 -10
- data/lib/enfcli/commands/xfw.rb +6 -3
- data/lib/enfcli/version.rb +2 -2
- metadata +7 -4
data/lib/enfcli/commands/user.rb
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#
|
|
2
|
-
# Copyright 2018 Xaptum,Inc
|
|
2
|
+
# Copyright 2018-2020 Xaptum,Inc
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
5
|
# you may not use this file except in compliance with the License.
|
|
@@ -14,170 +14,138 @@
|
|
|
14
14
|
# limitations under the License.
|
|
15
15
|
#
|
|
16
16
|
require "enfthor"
|
|
17
|
-
require "enfapi"
|
|
17
|
+
require "enfapi/user"
|
|
18
18
|
|
|
19
19
|
module EnfCli
|
|
20
20
|
module Cmd
|
|
21
|
+
##
|
|
22
|
+
# This class handles the commands that maniupulate users and roles
|
|
21
23
|
class User < EnfThor
|
|
22
24
|
no_commands {
|
|
23
25
|
def display_invites(invites)
|
|
24
26
|
headings = ["Id", "User Name", "Full Name", "Invited By", "Invite Code"]
|
|
25
27
|
rows = invites.map { |hash|
|
|
26
|
-
[hash[:id], hash[:email], hash[:name], hash[:
|
|
28
|
+
[hash[:id], hash[:email], hash[:name], hash[:created_by], hash[:invite_token]]
|
|
27
29
|
}
|
|
28
30
|
|
|
29
31
|
render_table(headings, rows)
|
|
30
32
|
end
|
|
31
33
|
|
|
32
34
|
def display_users(users)
|
|
33
|
-
headings = ["Id", "
|
|
34
|
-
rows =
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
35
|
+
headings = ["Id", "Name", "Username", "Domain", "Last Login", "Status"]
|
|
36
|
+
rows = []
|
|
37
|
+
users.each do |hash|
|
|
38
|
+
hash[:roles].each do |role|
|
|
39
|
+
rows.push [hash[:id],
|
|
40
|
+
hash[:full_name],
|
|
41
|
+
hash[:username],
|
|
42
|
+
hash[:domain],
|
|
43
|
+
hash[:last_login],
|
|
44
|
+
hash[:status]]
|
|
45
|
+
end
|
|
46
|
+
end
|
|
38
47
|
render_table(headings, rows)
|
|
39
48
|
end
|
|
40
49
|
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
# get params
|
|
46
|
-
name = options[:'name'].join(" ").gsub(/\A"+(.*?)"+\Z/m, '\1')
|
|
47
|
-
email = options[:'email']
|
|
48
|
-
|
|
49
|
-
# call api
|
|
50
|
-
hash = { :email => email, :full_name => name, :welcome_text => "", :user_type => user_type }
|
|
51
|
-
data = EnfApi::API.instance.invite domain_network, hash
|
|
52
|
-
invite = data[:data]
|
|
53
|
-
display_invites invite
|
|
54
|
-
end
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
desc "invite-read-only-user", "Invite a domain user"
|
|
58
|
-
method_option :domain, :default => nil, :type => :string, :aliases => "-d"
|
|
59
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
|
60
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
|
50
|
+
# Display the roles as a table
|
|
51
|
+
def display_roles(roles)
|
|
52
|
+
headings = ["Cidr", "Role"]
|
|
61
53
|
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
# use the domain network of the user
|
|
65
|
-
domain_network = EnfCli::CTX.instance.session[:domain_network]
|
|
66
|
-
raise EnfCli::ERROR, "User not in a valid domain!" unless domain_network
|
|
67
|
-
|
|
68
|
-
# Get user role
|
|
69
|
-
user_role = EnfCli::CTX.instance.session[:type]
|
|
70
|
-
|
|
71
|
-
# check user roles
|
|
72
|
-
if user_role == "XAPTUM_ADMIN"
|
|
73
|
-
raise "--domain is required" unless options[:domain]
|
|
74
|
-
else
|
|
75
|
-
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow if options[:domain]
|
|
76
|
-
options[:domain] = domain_network
|
|
54
|
+
rows = roles.map do |role|
|
|
55
|
+
[role[:cidr], role[:role]]
|
|
77
56
|
end
|
|
78
57
|
|
|
79
|
-
|
|
58
|
+
render_table(headings, rows)
|
|
80
59
|
end
|
|
81
|
-
end
|
|
82
|
-
|
|
83
|
-
desc "invite-domain-admin-user", "Invite a domain administrator"
|
|
84
|
-
method_option :domain, :default => nil, :type => :string, :aliases => "-d"
|
|
85
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
|
86
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
|
87
|
-
|
|
88
|
-
def invite_domain_admin_user
|
|
89
|
-
try_with_rescue_in_session do
|
|
90
|
-
# use the domain network of the user
|
|
91
|
-
domain_network = EnfCli::CTX.instance.session[:domain_network]
|
|
92
|
-
raise EnfCli::ERROR, "User not in a valid domain!" unless domain_network
|
|
93
|
-
|
|
94
|
-
# Get user role
|
|
95
|
-
user_role = EnfCli::CTX.instance.session[:type]
|
|
96
|
-
|
|
97
|
-
# check user roles
|
|
98
|
-
if user_role == "XAPTUM_ADMIN"
|
|
99
|
-
raise "--domain is required" unless options[:domain]
|
|
100
|
-
else
|
|
101
|
-
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow if options[:domain]
|
|
102
|
-
options[:domain] = domain_network
|
|
103
|
-
end
|
|
104
60
|
|
|
105
|
-
|
|
61
|
+
def display_user_details(user)
|
|
62
|
+
display_users([user])
|
|
63
|
+
display_roles(user[:roles])
|
|
106
64
|
end
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
desc "invite-enf-admin-user", "Invite an ENF administrator"
|
|
110
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
|
111
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
|
65
|
+
}
|
|
112
66
|
|
|
113
|
-
|
|
67
|
+
desc "send-invite",
|
|
68
|
+
"Send an invite to a new user or one with a modified role."
|
|
69
|
+
method_option :email, type: :string, required: true, banner: "EMAIL",
|
|
70
|
+
desc: "Full email address of user to invite."
|
|
71
|
+
method_option :name, type: :array, required: true, banner: "NAME",
|
|
72
|
+
desc: "Full name of user to invite."
|
|
73
|
+
method_option :domain, type: :string, default: nil, banner: "DOMAIN",
|
|
74
|
+
aliases: "-d"
|
|
75
|
+
method_option :network, type: :string, default: nil, banner: "NETWORK",
|
|
76
|
+
aliases: "-n"
|
|
77
|
+
method_option :role, type: :string, default: nil, banner: "ROLE",
|
|
78
|
+
aliases: "-r"
|
|
79
|
+
|
|
80
|
+
def send_invite
|
|
114
81
|
try_with_rescue_in_session do
|
|
115
|
-
#
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
raise EnfCli::ERROR, "Only ENF Administrators can invite ENF Administrator" unless user_role == "XAPTUM_ADMIN"
|
|
82
|
+
# get params
|
|
83
|
+
name = options[:name].join(" ").gsub(/\A"+(.*?)"+\Z/m, '\1')
|
|
84
|
+
email = options[:email]
|
|
119
85
|
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
end
|
|
86
|
+
# get correct domain
|
|
87
|
+
domain = EnfCli::CTX.instance.session[:domain]
|
|
88
|
+
raise EnfCli::ERROR, "User not in a valid domain!" unless domain
|
|
124
89
|
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
90
|
+
# check if admin
|
|
91
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
|
92
|
+
raise EnfCli::ERROR, "--domain is required" unless options[:domain]
|
|
128
93
|
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
94
|
+
domain = options[:domain]
|
|
95
|
+
elsif options[:domain]
|
|
96
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
|
97
|
+
end
|
|
133
98
|
|
|
134
|
-
|
|
99
|
+
invite_hash = { email: email,
|
|
100
|
+
full_name: name,
|
|
101
|
+
domain: domain }
|
|
135
102
|
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
end
|
|
103
|
+
role = options[:role]
|
|
104
|
+
role = role.upcase if role
|
|
105
|
+
network = options[:network]
|
|
140
106
|
|
|
141
|
-
|
|
142
|
-
method_option :'captive-domain', :type => :string, :required => true, :banner => "CAPTIVE CONTROL DOMAIN"
|
|
143
|
-
method_option :'name', :type => :array, :required => true, :banner => "NAME"
|
|
144
|
-
method_option :'email', :type => :string, :required => true, :banner => "EMAIL"
|
|
107
|
+
roles_hash = nil
|
|
145
108
|
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
109
|
+
case role
|
|
110
|
+
when "XAPTUM_ADMIN", "IAM_ADMIN"
|
|
111
|
+
roles_hash = [{ cidr: "::/0", role: role }]
|
|
112
|
+
when "DOMAIN_ADMIN", "DOMAIN_USER", "CAPTIVE_ADMIN"
|
|
113
|
+
roles_hash = [{ cidr: domain, role: role }]
|
|
114
|
+
when "NETWORK_ADMIN", "NETWORK_USER"
|
|
115
|
+
roles_hash = [{ cidr: network, role: role }]
|
|
116
|
+
end
|
|
150
117
|
|
|
151
|
-
|
|
118
|
+
if roles_hash
|
|
119
|
+
invite_hash[:roles] = roles_hash
|
|
120
|
+
end
|
|
152
121
|
|
|
153
|
-
|
|
154
|
-
|
|
122
|
+
resp_data = EnfApi::UserManager.instance.invite invite_hash
|
|
123
|
+
invite = resp_data[:data]
|
|
124
|
+
display_invites invite
|
|
155
125
|
end
|
|
156
126
|
end
|
|
157
127
|
|
|
158
|
-
desc "
|
|
159
|
-
method_option :
|
|
128
|
+
desc "delete-invite", "Delete an invite"
|
|
129
|
+
method_option :id, type: :string, required: true
|
|
160
130
|
|
|
161
|
-
def
|
|
131
|
+
def delete_invite
|
|
162
132
|
try_with_rescue_in_session do
|
|
133
|
+
id = options[:id]
|
|
163
134
|
# call api
|
|
164
|
-
EnfApi::
|
|
165
|
-
|
|
166
|
-
# print success
|
|
167
|
-
say "Invite Canceled!", :green
|
|
135
|
+
EnfApi::UserManager.instance.delete_invite id
|
|
136
|
+
say "Invite: #{id} successfully deleted", :green
|
|
168
137
|
end
|
|
169
138
|
end
|
|
170
139
|
|
|
171
|
-
desc "resend-
|
|
172
|
-
method_option :
|
|
140
|
+
desc "resend-invite", "Resend an invite"
|
|
141
|
+
method_option :id, type: :string, required: true
|
|
173
142
|
|
|
174
|
-
def
|
|
143
|
+
def resend_invite
|
|
175
144
|
try_with_rescue_in_session do
|
|
145
|
+
id = options[:id]
|
|
176
146
|
# call api
|
|
177
|
-
EnfApi::
|
|
178
|
-
|
|
179
|
-
# print success
|
|
180
|
-
say "Resent invite email!", :green
|
|
147
|
+
EnfApi::UserManager.instance.resend_invite id
|
|
148
|
+
say "Resent invite: #{id}!", :green
|
|
181
149
|
end
|
|
182
150
|
end
|
|
183
151
|
|
|
@@ -187,78 +155,155 @@ module EnfCli
|
|
|
187
155
|
def list_invites
|
|
188
156
|
try_with_rescue_in_session do
|
|
189
157
|
# use the domain network of the user
|
|
190
|
-
|
|
191
|
-
raise EnfCli::ERROR, "User not in a valid domain!" unless domain_network
|
|
192
|
-
|
|
193
|
-
# Get user role
|
|
194
|
-
user_role = EnfCli::CTX.instance.session[:type]
|
|
158
|
+
domain = nil
|
|
195
159
|
|
|
196
|
-
#
|
|
197
|
-
if
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
|
160
|
+
# only XAPTUM_ADMIN can specify --domain (but doesn't have to)
|
|
161
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
|
162
|
+
domain = options[:domain] if options[:domain]
|
|
163
|
+
elsif options[:domain]
|
|
164
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
|
201
165
|
end
|
|
202
166
|
|
|
203
167
|
# call the api
|
|
204
|
-
data = EnfApi::
|
|
168
|
+
data = EnfApi::UserManager.instance.list_invites domain
|
|
205
169
|
invites = data[:data]
|
|
206
170
|
|
|
207
171
|
display_invites invites
|
|
208
172
|
end
|
|
209
173
|
end
|
|
210
174
|
|
|
211
|
-
desc "
|
|
212
|
-
method_option :
|
|
175
|
+
desc "get-user-details", "Get User Details"
|
|
176
|
+
method_option :email, required: true, type: :string, banner: "EMAIL",
|
|
177
|
+
aliases: "-e"
|
|
213
178
|
|
|
214
|
-
def
|
|
179
|
+
def get_user_details
|
|
215
180
|
try_with_rescue_in_session do
|
|
216
|
-
#
|
|
217
|
-
|
|
218
|
-
|
|
181
|
+
# call the api
|
|
182
|
+
data = EnfApi::UserManager.instance.get_user options[:email]
|
|
183
|
+
user = data[:data][0]
|
|
184
|
+
|
|
185
|
+
display_user_details user
|
|
186
|
+
end
|
|
187
|
+
end
|
|
219
188
|
|
|
220
|
-
|
|
221
|
-
|
|
189
|
+
desc "list-users", "List users"
|
|
190
|
+
method_option :domain, default: nil, type: :string, banner: "DOMAIN",
|
|
191
|
+
aliases: "-d"
|
|
192
|
+
method_option :network, default: nil, type: :string, banner: "NETWORK",
|
|
193
|
+
aliases: "-n"
|
|
222
194
|
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
195
|
+
def list_users
|
|
196
|
+
try_with_rescue_in_session do
|
|
197
|
+
domain = options[:domain]
|
|
198
|
+
network = options[:network]
|
|
199
|
+
|
|
200
|
+
## initalize query param
|
|
201
|
+
query_param = ""
|
|
202
|
+
if domain
|
|
203
|
+
query_param = "?domain=#{domain}"
|
|
204
|
+
elsif network
|
|
205
|
+
query_param = "?network=#{network}"
|
|
228
206
|
end
|
|
229
207
|
|
|
230
208
|
# call the api
|
|
231
|
-
data = EnfApi::
|
|
209
|
+
data = EnfApi::UserManager.instance.list_users query_param
|
|
232
210
|
users = data[:data]
|
|
233
211
|
|
|
234
212
|
display_users users
|
|
235
213
|
end
|
|
236
214
|
end
|
|
237
215
|
|
|
216
|
+
desc "list-user-roles", "List user roles"
|
|
217
|
+
method_option :email, type: :string, required: true, banner: "EMAIL"
|
|
218
|
+
method_option :network, default: nil, type: :string, banner: "NETWORK",
|
|
219
|
+
aliases: "-n"
|
|
220
|
+
|
|
221
|
+
def list_user_roles
|
|
222
|
+
try_with_rescue_in_session do
|
|
223
|
+
# call api
|
|
224
|
+
data = EnfApi::UserManager.instance.list_user_roles options[:email], options[:network]
|
|
225
|
+
roles = data[:data]
|
|
226
|
+
|
|
227
|
+
# print roles
|
|
228
|
+
display_roles roles
|
|
229
|
+
end
|
|
230
|
+
end
|
|
231
|
+
|
|
232
|
+
desc "delete-user-roles", "Remove a user's roles"
|
|
233
|
+
method_option :email, type: :string, required: true, banner: "EMAIL"
|
|
234
|
+
method_option :network, default: nil, type: :string, banner: "NETWORK",
|
|
235
|
+
aliases: "-n",
|
|
236
|
+
desc: 'Can be a /64 cidr or "ALL"'
|
|
237
|
+
method_option :roles, type: :string, required: true, banner: "ROLES",
|
|
238
|
+
aliases: "-r",
|
|
239
|
+
desc: "Can be a valid DOMAIN or NETWORK role. " \
|
|
240
|
+
"Can take '*' wildcards."
|
|
241
|
+
|
|
242
|
+
def delete_user_roles
|
|
243
|
+
try_with_rescue_in_session do
|
|
244
|
+
user_id = options[:email]
|
|
245
|
+
roles = options[:roles]
|
|
246
|
+
roles = roles.upcase if roles
|
|
247
|
+
network = options[:network]
|
|
248
|
+
|
|
249
|
+
if roles[0..6] == "NETWORK" && !network
|
|
250
|
+
raise EnfCli::ERROR, "--network option must be included for --roles=#{roles}"
|
|
251
|
+
end
|
|
252
|
+
|
|
253
|
+
EnfApi::UserManager.instance.delete_user_roles user_id, roles, network
|
|
254
|
+
say "Role: #{roles} successfully removed from user: #{user_id}", :green
|
|
255
|
+
end
|
|
256
|
+
end
|
|
257
|
+
|
|
238
258
|
desc "deactivate-user", "Deactivate User"
|
|
239
|
-
method_option :
|
|
259
|
+
method_option :email, required: true, type: :string, banner: "EMAIL"
|
|
240
260
|
|
|
241
261
|
def deactivate_user
|
|
242
262
|
try_with_rescue_in_session do
|
|
243
|
-
|
|
244
263
|
## call the api
|
|
245
|
-
status = { :
|
|
246
|
-
EnfApi::
|
|
264
|
+
status = { status: "INACTIVE" }
|
|
265
|
+
EnfApi::UserManager.instance.update_user_status options[:email], status
|
|
247
266
|
|
|
248
267
|
say "Deactivated user!", :green
|
|
249
268
|
end
|
|
250
269
|
end
|
|
251
270
|
|
|
271
|
+
desc "add-user-role", "Add a new role to the specified rule."
|
|
272
|
+
method_option :email, type: :string, required: true, banner: "EMAIL"
|
|
273
|
+
method_option :cidr, type: :string, required: true, banner: "CIDR",
|
|
274
|
+
desc: "Can be a /64 cidr for NETWORK user or " \
|
|
275
|
+
"/48 cidr for DOMAIN user."
|
|
276
|
+
method_option :role, type: :string, required: true, banner: "ROLE",
|
|
277
|
+
aliases: "-r",
|
|
278
|
+
desc: "Can be a valid DOMAIN or NETWORK role. ",
|
|
279
|
+
enum: ["XAPTUM_ADMIN", "DOMAIN_ADMIN", "DOMAIN_USER", "NETWORK_ADMIN", "NETWORK_USER", "CAPTIVE_ADMIN", "IAM_ADMIN"]
|
|
280
|
+
|
|
281
|
+
def add_user_role
|
|
282
|
+
try_with_rescue_in_session do
|
|
283
|
+
## get options
|
|
284
|
+
email = options[:email]
|
|
285
|
+
role = options[:role]
|
|
286
|
+
role = role.upcase if role
|
|
287
|
+
cidr = EnfCli::IPV6Cidr.new(options[:cidr]).to_s
|
|
288
|
+
|
|
289
|
+
## call api
|
|
290
|
+
role_hash = [{ cidr: cidr, role: role }]
|
|
291
|
+
resp = EnfApi::UserManager.instance.add_user_role email, role_hash
|
|
292
|
+
resp_roles = resp[:data]
|
|
293
|
+
|
|
294
|
+
## display response
|
|
295
|
+
display_roles resp_roles
|
|
296
|
+
end
|
|
297
|
+
end
|
|
298
|
+
|
|
252
299
|
desc "activate-user", "Activate User"
|
|
253
|
-
method_option :
|
|
300
|
+
method_option :email, required: true, type: :string, banner: "EMAIL"
|
|
254
301
|
|
|
255
302
|
def activate_user
|
|
256
303
|
try_with_rescue_in_session do
|
|
257
|
-
|
|
258
304
|
## call the api
|
|
259
|
-
status = { :
|
|
260
|
-
EnfApi::
|
|
261
|
-
|
|
305
|
+
status = { status: "ACTIVE" }
|
|
306
|
+
EnfApi::UserManager.instance.update_user_status options[:email], status
|
|
262
307
|
say "Activated user!", :green
|
|
263
308
|
end
|
|
264
309
|
end
|
data/lib/enfcli/commands/xcr.rb
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#
|
|
2
|
-
# Copyright 2018 Xaptum,Inc
|
|
2
|
+
# Copyright 2018-2020 Xaptum,Inc
|
|
3
3
|
#
|
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
5
|
# you may not use this file except in compliance with the License.
|
|
@@ -26,8 +26,8 @@ module EnfCli
|
|
|
26
26
|
[hash[:ipv6],
|
|
27
27
|
hash[:name],
|
|
28
28
|
hash[:state],
|
|
29
|
-
hash[:state] == "OFFLINE" ? "" : hash[:
|
|
30
|
-
hash[:state] == "OFFLINE" ? "" : hash[:
|
|
29
|
+
hash[:state] == "OFFLINE" ? "" : hash[:last_event][:asn_org],
|
|
30
|
+
hash[:state] == "OFFLINE" ? "" : hash[:last_event][:remote_ip]]
|
|
31
31
|
}
|
|
32
32
|
render_table(headings, rows, options.file)
|
|
33
33
|
end
|
|
@@ -41,23 +41,23 @@ module EnfCli
|
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
def display_domains(domains)
|
|
44
|
-
headings = ["Name", "
|
|
44
|
+
headings = ["Name", "Cidr", "Status"]
|
|
45
45
|
rows = domains.map { |hash|
|
|
46
|
-
[hash[:name], hash[:
|
|
46
|
+
[hash[:name], hash[:cidr], hash[:status]]
|
|
47
47
|
}
|
|
48
48
|
render_table(headings, rows)
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
def display_networks(networks)
|
|
52
|
-
headings = ["Name", "
|
|
52
|
+
headings = ["Name", "Cidr", "Description", "Status"]
|
|
53
53
|
rows = networks.map { |hash|
|
|
54
|
-
[hash[:name], hash[:
|
|
54
|
+
[hash[:name], hash[:cidr], hash[:description], hash[:status]]
|
|
55
55
|
}
|
|
56
56
|
render_table(headings, rows)
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
def display_network(network)
|
|
60
|
-
network_cidr = network[:
|
|
60
|
+
network_cidr = network[:cidr]
|
|
61
61
|
name = network[:name] || ""
|
|
62
62
|
description = network[:description] || ""
|
|
63
63
|
status = network[:status] || ""
|
|
@@ -104,13 +104,26 @@ module EnfCli
|
|
|
104
104
|
}
|
|
105
105
|
|
|
106
106
|
desc "list-networks", "List all virtual networks in domain"
|
|
107
|
+
method_option :domain, type: :string, default: nil, banner: "/48 CIDR",
|
|
108
|
+
aliases: "-d"
|
|
107
109
|
|
|
108
110
|
def list_networks
|
|
109
111
|
try_with_rescue_in_session do
|
|
110
|
-
|
|
112
|
+
# get correct domain
|
|
113
|
+
domain = EnfCli::CTX.instance.session[:domain]
|
|
114
|
+
raise EnfCli::ERROR, "User not in a valid domain!" unless domain
|
|
115
|
+
|
|
116
|
+
# check if admin
|
|
117
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
|
118
|
+
raise EnfCli::ERROR, "--domain is required" unless options[:domain]
|
|
119
|
+
|
|
120
|
+
domain = options[:domain]
|
|
121
|
+
elsif options[:domain]
|
|
122
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
|
123
|
+
end
|
|
111
124
|
|
|
112
125
|
# Call the api
|
|
113
|
-
data = EnfApi::API.instance.list_domain_nws
|
|
126
|
+
data = EnfApi::API.instance.list_domain_nws domain
|
|
114
127
|
networks = data[:data]
|
|
115
128
|
|
|
116
129
|
# display table
|
|
@@ -120,13 +133,24 @@ module EnfCli
|
|
|
120
133
|
|
|
121
134
|
desc "provision-network", "Provision a Network"
|
|
122
135
|
method_option :name, :type => :array, :required => true, :banner => "NAME"
|
|
136
|
+
method_option :domain, type: :string, default: nil, banner: "/48 CIDR",
|
|
137
|
+
aliases: "-d"
|
|
123
138
|
method_option :description, :type => :array, :banner => "DESCRIPTION"
|
|
124
139
|
|
|
125
140
|
def provision_network
|
|
126
141
|
try_with_rescue_in_session do
|
|
127
|
-
#
|
|
128
|
-
|
|
129
|
-
raise EnfCli::ERROR, "User
|
|
142
|
+
# get correct domain
|
|
143
|
+
domain = EnfCli::CTX.instance.session[:domain]
|
|
144
|
+
raise EnfCli::ERROR, "User not in a valid domain!" unless domain
|
|
145
|
+
|
|
146
|
+
# check if admin
|
|
147
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
|
148
|
+
raise EnfCli::ERROR, "--domain is required" unless options[:domain]
|
|
149
|
+
|
|
150
|
+
domain = options[:domain]
|
|
151
|
+
elsif options[:domain]
|
|
152
|
+
say "Warning: Ignoring command option --domain #{options[:domain]}", :yellow
|
|
153
|
+
end
|
|
130
154
|
|
|
131
155
|
# Get options
|
|
132
156
|
description = ""
|
|
@@ -136,10 +160,9 @@ module EnfCli
|
|
|
136
160
|
# Call the api
|
|
137
161
|
hash = {
|
|
138
162
|
:name => network_name,
|
|
139
|
-
:domain_id => domain_id,
|
|
140
163
|
:description => description,
|
|
141
164
|
}
|
|
142
|
-
data = EnfApi::API.instance.create_nw hash
|
|
165
|
+
data = EnfApi::API.instance.create_nw domain, hash
|
|
143
166
|
networks = data[:data]
|
|
144
167
|
|
|
145
168
|
# display table
|
|
@@ -211,10 +234,10 @@ module EnfCli
|
|
|
211
234
|
|
|
212
235
|
# call api
|
|
213
236
|
data = { :data => [] }
|
|
214
|
-
|
|
215
|
-
|
|
237
|
+
|
|
238
|
+
if EnfCli::CTX.instance.xaptum_admin?
|
|
216
239
|
data = EnfApi::API.instance.list_domains
|
|
217
|
-
|
|
240
|
+
elsif EnfCli::CTX.instance.has_role?("DOMAIN_ADMIN")
|
|
218
241
|
data = EnfApi::API.instance.get_domain session[:domain_id]
|
|
219
242
|
end
|
|
220
243
|
|
|
@@ -252,13 +275,13 @@ module EnfCli
|
|
|
252
275
|
end
|
|
253
276
|
|
|
254
277
|
desc "list-domain-rate-limits", "List domain rate limits"
|
|
255
|
-
method_option :
|
|
278
|
+
method_option :domain, :type => :string, :required => true, :banner => "/48 CIDR"
|
|
256
279
|
method_option :filter, :type => :string, :enum => ["default", "max"]
|
|
257
280
|
|
|
258
281
|
def list_domain_rate_limits
|
|
259
282
|
try_with_rescue_in_session do
|
|
260
283
|
# Call the api
|
|
261
|
-
data = EnfApi::API.instance.get_domain_rate_limits options[:
|
|
284
|
+
data = EnfApi::API.instance.get_domain_rate_limits options[:domain], options[:filter]
|
|
262
285
|
|
|
263
286
|
# Get the limits
|
|
264
287
|
limits = data[:data][0]
|
|
@@ -274,7 +297,7 @@ module EnfCli
|
|
|
274
297
|
end
|
|
275
298
|
|
|
276
299
|
desc "list-network-rate-limits", "List network rate limits"
|
|
277
|
-
method_option :network, :type => :string, :required => true
|
|
300
|
+
method_option :network, :type => :string, :required => true, :banner => "/64 CIDR"
|
|
278
301
|
method_option :filter, :type => :string, :enum => ["default", "max"]
|
|
279
302
|
|
|
280
303
|
def list_network_rate_limits
|
|
@@ -318,12 +341,12 @@ module EnfCli
|
|
|
318
341
|
end
|
|
319
342
|
|
|
320
343
|
desc "activate-domain", "Activate a customer's /48 domain"
|
|
321
|
-
method_option :
|
|
344
|
+
method_option :domain, :type => :string, :required => true, banner: "/48 CIDR"
|
|
322
345
|
|
|
323
346
|
def activate_domain
|
|
324
347
|
try_with_rescue_in_session do
|
|
325
348
|
# Call api
|
|
326
|
-
data = EnfApi::API.instance.update_domain_status options[:
|
|
349
|
+
data = EnfApi::API.instance.update_domain_status options[:domain], { :status => "ACTIVE" }
|
|
327
350
|
domains = data[:data]
|
|
328
351
|
|
|
329
352
|
# Display the data
|
|
@@ -333,12 +356,12 @@ module EnfCli
|
|
|
333
356
|
end
|
|
334
357
|
|
|
335
358
|
desc "deactivate-domain", "Deactivate a customer's /48 domain"
|
|
336
|
-
method_option :
|
|
359
|
+
method_option :domain, :type => :string, :required => true, banner: "/48 CIDR"
|
|
337
360
|
|
|
338
361
|
def deactivate_domain
|
|
339
362
|
try_with_rescue_in_session do
|
|
340
363
|
# Call api
|
|
341
|
-
data = EnfApi::API.instance.update_domain_status options[:
|
|
364
|
+
data = EnfApi::API.instance.update_domain_status options[:domain], { :status => "READY" }
|
|
342
365
|
domains = data[:data]
|
|
343
366
|
|
|
344
367
|
# Display the data
|
|
@@ -348,12 +371,12 @@ module EnfCli
|
|
|
348
371
|
end
|
|
349
372
|
|
|
350
373
|
desc "set-domain-rate-limits", "Update a customer /48 domain's endpoint rate limits"
|
|
351
|
-
method_option :
|
|
374
|
+
method_option :domain, :type => :string, :required => true, banner: "/48 CIDR"
|
|
352
375
|
method_option :limit, :type => :string, :enum => ["default", "max"], :required => true
|
|
353
|
-
method_option :'packets-per-second', :type => :numeric, :required => true
|
|
354
|
-
method_option :'packets-burst-size', :type => :numeric, :required => true
|
|
355
|
-
method_option :'bytes-per-second', :type => :numeric, :required => true
|
|
356
|
-
method_option :'bytes-burst-size', :type => :numeric, :required => true
|
|
376
|
+
method_option :'packets-per-second', :type => :numeric, :required => true, aliases: "-p"
|
|
377
|
+
method_option :'packets-burst-size', :type => :numeric, :required => true, aliases: "-P"
|
|
378
|
+
method_option :'bytes-per-second', :type => :numeric, :required => true, aliases: "-b"
|
|
379
|
+
method_option :'bytes-burst-size', :type => :numeric, :required => true, aliases: "-B"
|
|
357
380
|
|
|
358
381
|
def set_domain_rate_limits
|
|
359
382
|
try_with_rescue_in_session do
|
|
@@ -364,7 +387,7 @@ module EnfCli
|
|
|
364
387
|
:bytes_per_second => options["bytes-per-second"],
|
|
365
388
|
:bytes_burst_size => options["bytes-burst-size"],
|
|
366
389
|
}
|
|
367
|
-
data = EnfApi::API.instance.update_domain_rate_limits options[:
|
|
390
|
+
data = EnfApi::API.instance.update_domain_rate_limits options[:domain], options[:limit], hash
|
|
368
391
|
limits = data[:data][0]
|
|
369
392
|
|
|
370
393
|
# The Api returns only the rate limits object. Have to add type explicitly to display
|
|
@@ -378,10 +401,10 @@ module EnfCli
|
|
|
378
401
|
desc "set-network-rate-limits", "Update a customer /64 network's endpoint rate limits"
|
|
379
402
|
method_option :network, :type => :string, :required => true
|
|
380
403
|
method_option :limit, :type => :string, :enum => ["default", "max"], :required => true
|
|
381
|
-
method_option :'packets-per-second', :type => :numeric, :required => true
|
|
382
|
-
method_option :'packets-burst-size', :type => :numeric, :required => true
|
|
383
|
-
method_option :'bytes-per-second', :type => :numeric, :required => true
|
|
384
|
-
method_option :'bytes-burst-size', :type => :numeric, :required => true
|
|
404
|
+
method_option :'packets-per-second', :type => :numeric, :required => true, aliases: "-p"
|
|
405
|
+
method_option :'packets-burst-size', :type => :numeric, :required => true, aliases: "-P"
|
|
406
|
+
method_option :'bytes-per-second', :type => :numeric, :required => true, aliases: "-b"
|
|
407
|
+
method_option :'bytes-burst-size', :type => :numeric, :required => true, aliases: "-B"
|
|
385
408
|
|
|
386
409
|
def set_network_rate_limits
|
|
387
410
|
try_with_rescue_in_session do
|
|
@@ -427,10 +450,10 @@ module EnfCli
|
|
|
427
450
|
desc "set-endpoint-rate-limits", "Update an ipv6 endpoint rate limits"
|
|
428
451
|
method_option :ipv6, :type => :string, :required => true
|
|
429
452
|
method_option :limit, :type => :string, :enum => ["current", "max"], :required => true
|
|
430
|
-
method_option :'packets-per-second', :type => :numeric, :required => true
|
|
431
|
-
method_option :'packets-burst-size', :type => :numeric, :required => true
|
|
432
|
-
method_option :'bytes-per-second', :type => :numeric, :required => true
|
|
433
|
-
method_option :'bytes-burst-size', :type => :numeric, :required => true
|
|
453
|
+
method_option :'packets-per-second', :type => :numeric, :required => true, aliases: "-p"
|
|
454
|
+
method_option :'packets-burst-size', :type => :numeric, :required => true, aliases: "-P"
|
|
455
|
+
method_option :'bytes-per-second', :type => :numeric, :required => true, aliases: "-b"
|
|
456
|
+
method_option :'bytes-burst-size', :type => :numeric, :required => true, aliases: "-B"
|
|
434
457
|
|
|
435
458
|
def set_endpoint_rate_limits
|
|
436
459
|
try_with_rescue_in_session do
|
|
@@ -474,17 +497,13 @@ module EnfCli
|
|
|
474
497
|
end
|
|
475
498
|
|
|
476
499
|
desc "list-endpoints", "List all connections in a network"
|
|
477
|
-
method_option :network, :type => :string, :required => true
|
|
500
|
+
method_option :network, :type => :string, :required => true, banner: "/48 CIDR"
|
|
478
501
|
method_option :file, :type => :string, :aliases => "-f"
|
|
479
502
|
|
|
480
503
|
def list_endpoints
|
|
481
504
|
try_with_rescue_in_session do
|
|
482
|
-
# verify domain context is set
|
|
483
|
-
domain_id = EnfCli::CTX.instance.session[:domain_id]
|
|
484
|
-
raise EnfCli::ERROR, "User's domain not available!" if !domain_id || domain_id < 0
|
|
485
|
-
|
|
486
505
|
# call api
|
|
487
|
-
data = EnfApi::API.instance.list_nw_connections
|
|
506
|
+
data = EnfApi::API.instance.list_nw_connections options.network
|
|
488
507
|
cxns = data[:data]
|
|
489
508
|
|
|
490
509
|
# display table
|
|
@@ -550,15 +569,15 @@ module EnfCli
|
|
|
550
569
|
end
|
|
551
570
|
|
|
552
571
|
desc "activate-enf-network", "Active a /34 enf network"
|
|
553
|
-
method_option :
|
|
572
|
+
method_option :cidr, :type => :string, :required => true
|
|
554
573
|
|
|
555
574
|
def activate_enfnw
|
|
556
575
|
try_with_rescue_in_session do
|
|
557
576
|
# Call the api
|
|
558
|
-
EnfApi::API.instance.activate_enfnw options.
|
|
577
|
+
EnfApi::API.instance.activate_enfnw options.cidr
|
|
559
578
|
|
|
560
579
|
# Print success
|
|
561
|
-
say "Activated Enf Network #{options.
|
|
580
|
+
say "Activated Enf Network #{options.cidr}!", :green
|
|
562
581
|
end
|
|
563
582
|
end
|
|
564
583
|
end # class
|