knife-acl 0.0.12 → 1.0.0.beta.1

@@ -1,6 +1,7 @@
1
1
  #
2
2
  # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
3
+ # Author:: Jeremiah Snapp (<jeremiah@chef.io>)
4
+ # Copyright:: Copyright 2011--2015 Chef Software, Inc.
4
5
  # License:: Apache License, Version 2.0
5
6
  #
6
7
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,38 +20,25 @@
19
20
  module OpscodeAcl
20
21
  class GroupShow < Chef::Knife
21
22
  category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife group show GROUP"
23
-
23
+ banner "knife group show GROUP_NAME"
24
+
24
25
  deps do
25
- require 'pp'
26
- require 'yaml'
26
+ include OpscodeAcl::AclBase
27
27
  end
28
28
 
29
29
  def run
30
- @user_map = if ::File.exists?("actor-map.yaml")
31
- YAML.load(IO.read("actor-map.yaml"))[:user_map]
32
- else
33
- {:users => {}, :usags => {}}
34
- end
35
30
  group_name = name_args[0]
36
- if !group_name || group_name.empty?
37
- ui.error "must specify a group name"
31
+
32
+ if name_args.length != 1
33
+ show_usage
34
+ ui.fatal "You must specify group name"
38
35
  exit 1
39
36
  end
40
- chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
41
- group = chef_rest.get_rest("groups/#{group_name}")
42
- ui.output(annotate_usags(group))
43
- end
44
37
 
45
- def annotate_usags(group)
46
- annotated = group["groups"].map do |name|
47
- user = @user_map[:usags][name] || ""
48
- {"group_id" => name,
49
- "user_usag" => user}
50
- end
51
- group["annotated_groups"] = annotated
52
- group
38
+ validate_member_name!(group_name)
39
+
40
+ group = rest.get_rest("groups/#{group_name}")
41
+ ui.output group
53
42
  end
54
43
  end
55
44
  end
56
-
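Review bot: In `run`, `group_name` is interpolated unescaped into the request path at `rest.get_rest("groups/#{group_name}")`, and the only guard is `validate_member_name!`, whose definition (presumably in `OpscodeAcl::AclBase`) is not visible on this page. The removed branch rejected an empty name explicitly, but the new `name_args.length != 1` check lets `""` through, so the helper has to reject empty input as well as `/`, `?` and whitespace. If its pattern is anchored with `^`/`$`, as the deleted `ActorMap` class did with `/^[0-9a-f]+$/`, it should use `\A`/`\z` so a multi-line argument cannot pass. I would add above the call: `# group_name goes into the URL path; validate_member_name! must reject empty, '/' and multi-line input`.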
@@ -1,6 +1,7 @@
1
1
  #
2
2
  # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
3
+ # Author:: Jeremiah Snapp (<jeremiah@chef.io>)
4
+ # Copyright:: Copyright 2011--2015 Chef Software, Inc.
4
5
  # License:: Apache License, Version 2.0
5
6
  #
6
7
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,8 +27,7 @@ module OpscodeAcl
26
27
  end
27
28
 
28
29
  def run
29
- chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
30
- users = chef_rest.get_rest("users").map { |u| u["user"]["username"] }
30
+ users = rest.get_rest("users").map { |u| u["user"]["username"] }
31
31
  pp users.sort
32
32
  end
33
33
  end
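Review bot: `pp users.sort` writes straight to stdout and bypasses `ui.output`, so this command ignores knife's output formatting, while the group show command in the same release prints through `ui.output group`. I would change the line to `ui.output users.sort`. The chained lookup `u["user"]["username"]` also raises NoMethodError if an entry lacks a `"user"` key; whether the server can return such entries is not visible here. The enclosing class and its `deps` block start outside the hunk, so it cannot be confirmed that `pp` is still required there.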
@@ -1,3 +1,3 @@
1
1
  module KnifeACL
2
- VERSION = "0.0.12"
2
+ VERSION = "1.0.0.beta.1"
3
3
  end
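--- a/metadata
+++ b/metadata
@@ -1,18 +1,18 @@
  --- !ruby/object:Gem::Specification
  name: knife-acl
  version: !ruby/object:Gem::Version
- version: 0.0.12
- prerelease:
+ version: 1.0.0.beta.1
  platform: ruby
  authors:
  - Seth Falcon
+ - Jeremiah Snapp
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-04-01 00:00:00.000000000 Z
+ date: 2015-04-23 00:00:00.000000000 Z
  dependencies: []
- description: ACL Knife Tools for Opscode hosted Enterprise Chef/Enterprise Chef
- email: support@opscode.com
+ description: Knife plugin to manupulate Chef server access control lists
+ email: support@chef.io
  executables: []
  extensions: []
  extra_rdoc_files:
@@ -23,14 +23,15 @@ files:
  - README.md
  - lib/chef/knife/acl_add.rb
  - lib/chef/knife/acl_base.rb
+ - lib/chef/knife/acl_bulk_add.rb
+ - lib/chef/knife/acl_bulk_remove.rb
  - lib/chef/knife/acl_remove.rb
  - lib/chef/knife/acl_show.rb
- - lib/chef/knife/actor_map.rb
- - lib/chef/knife/group_add_actor.rb
+ - lib/chef/knife/group_add.rb
  - lib/chef/knife/group_create.rb
  - lib/chef/knife/group_destroy.rb
  - lib/chef/knife/group_list.rb
- - lib/chef/knife/group_remove_actor.rb
+ - lib/chef/knife/group_remove.rb
  - lib/chef/knife/group_show.rb
  - lib/chef/knife/user_dissociate.rb
  - lib/chef/knife/user_invite_add.rb
@@ -39,29 +40,28 @@ files:
  - lib/chef/knife/user_list.rb
  - lib/chef/knife/user_show.rb
  - lib/knife-acl/version.rb
- homepage: https://github.com/opscode/knife-acl/blob/master/README.md
+ homepage: https://github.com/chef/knife-acl
  licenses: []
+ metadata: {}
  post_install_message:
  rdoc_options: []
  require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ! '>='
+ - - ">"
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.3.1
  requirements: []
  rubyforge_project:
- rubygems_version: 1.8.23
+ rubygems_version: 2.4.4
  signing_key:
- specification_version: 3
- summary: ACL Knife Tools for Opscode hosted Enterprise Chef/Enterprise Chef
+ specification_version: 4
+ summary: Knife plugin to manupulate Chef server access control lists
  test_files: []
  has_rdoc: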
@@ -1,57 +0,0 @@
1
- #
2
- # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- module OpscodeAcl
20
- class ActorMap < Chef::Knife
21
- category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife actor map"
23
-
24
- # writes a yaml file to current working directly named
25
- # 'actor-map.yaml'
26
- # group add/remove operations will read this file
27
- #
28
- deps do
29
- require 'pp'
30
- require 'yaml'
31
- end
32
-
33
- def run
34
- chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
35
- usags = chef_rest.get_rest("groups").keys.select do |gname|
36
- gname.length == 32 && gname =~ /^[0-9a-f]+$/
37
- end
38
- user_map = {:users => {}, :usags => {}}
39
- user_map = usags.inject(user_map) do |map, usag|
40
- a_group = chef_rest.get_rest("groups/#{usag}")
41
- actors = a_group["actors"]
42
- if actors.length == 1
43
- user_map[:users][actors.first] = usag
44
- user_map[:usags][usag] = actors.first
45
- end
46
- user_map
47
- end
48
- clients = chef_rest.get_rest("clients").keys.inject({}) { |h, c| h[c] = c; h }
49
- open("actor-map.yaml", "w") do |f|
50
- f.write({ :user_map => user_map, :clients => clients }.to_yaml)
51
- end
52
- ui.msg "Found %d users and %d clients" % [user_map[:users].size, clients.size]
53
- ui.msg "wrote map to 'actor-map.yaml'"
54
- end
55
- end
56
- end
57
-
@@ -1,89 +0,0 @@
1
- #
2
- # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- module OpscodeAcl
20
- class GroupAddActor < Chef::Knife
21
- category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife group add actor GROUP ACTOR"
23
- attr_reader :actor_name, :group_name, :user_map, :clients
24
- deps do
25
- require 'yaml'
26
- end
27
-
28
- def run
29
- if !File.exists?("actor-map.yaml")
30
- ui.error "unable to find 'actor-map.yaml'. Run 'knife actor map' and try again."
31
- exit 1
32
- end
33
- actor_map = YAML.load(IO.read("actor-map.yaml"))
34
- @user_map = actor_map[:user_map]
35
- @clients = actor_map[:clients]
36
- @group_name = name_args[0]
37
- @actor_name = name_args[1]
38
-
39
- if !group_name || !actor_name
40
- ui.error "must specify GROUP and ACTOR"
41
- exit 1
42
- end
43
- find_actor_in_map
44
- @chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
45
- group = @chef_rest.get_rest("groups/#{group_name}")
46
- save_group(group)
47
- end
48
-
49
- def save_group(group)
50
- new_group = make_group_for_put(group)
51
- @chef_rest.put_rest("groups/#{new_group["groupname"]}", new_group)
52
- end
53
-
54
- def make_group_for_put(existing_group)
55
- new_group = {
56
- "groupname" => existing_group["groupname"],
57
- "orgname" => existing_group["orgname"],
58
- "actors" => {
59
- # users are added to groups via the user's USAG so we never
60
- # modify the users directly
61
- "users" => existing_group["users"],
62
- "clients" => maybe_add_actor(:client, existing_group["clients"]),
63
- "groups" => maybe_add_actor(:user, existing_group["groups"])
64
- }
65
- }
66
- end
67
-
68
- def maybe_add_actor(type, actors)
69
- new_actors = actors.dup
70
- if @actor_type == type && !new_actors.include?(@actor_id)
71
- new_actors << @actor_id
72
- end
73
- new_actors
74
- end
75
-
76
- def find_actor_in_map
77
- @actor_type, @actor_id = if user_map[:users][actor_name]
78
- [:user, user_map[:users][actor_name]]
79
- else
80
- [:client, clients[actor_name]]
81
- end
82
- if @actor_id.nil?
83
- ui.error("no user or client named '#{actor_name}' in actor-map.yaml")
84
- exit 1
85
- end
86
- true
87
- end
88
- end
89
- end
@@ -1,86 +0,0 @@
1
- #
2
- # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- module OpscodeAcl
20
- class GroupRemoveActor < Chef::Knife
21
- category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife group remove actor GROUP ACTOR"
23
- attr_reader :actor_name, :group_name, :user_map, :clients
24
- deps do
25
- require 'yaml'
26
- end
27
-
28
- def run
29
- if !File.exists?("actor-map.yaml")
30
- ui.error "unable to find 'actor-map.yaml'. Run 'knife actor map' and try again."
31
- exit 1
32
- end
33
- actor_map = YAML.load(IO.read("actor-map.yaml"))
34
- @user_map = actor_map[:user_map]
35
- @clients = actor_map[:clients]
36
- @group_name = name_args[0]
37
- @actor_name = name_args[1]
38
-
39
- if !group_name || !actor_name
40
- ui.error "must specify GROUP and ACTOR"
41
- exit 1
42
- end
43
- find_actor_in_map
44
- @chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
45
- group = @chef_rest.get_rest("groups/#{group_name}")
46
- case @actor_type
47
- when :user
48
- group["groups"].delete(@actor_id)
49
- group["users"].delete(actor_name)
50
- when :client
51
- group["clients"].delete(@actor_id)
52
- end
53
- save_group(group)
54
- end
55
-
56
- def save_group(group)
57
- new_group = make_group_for_put(group)
58
- @chef_rest.put_rest("groups/#{new_group["groupname"]}", new_group)
59
- end
60
-
61
- def make_group_for_put(existing_group)
62
- new_group = {
63
- "groupname" => existing_group["groupname"],
64
- "orgname" => existing_group["orgname"],
65
- "actors" => {
66
- "clients" => existing_group["clients"],
67
- "groups" => existing_group["groups"],
68
- "users" => existing_group["users"]
69
- }
70
- }
71
- end
72
-
73
- def find_actor_in_map
74
- @actor_type, @actor_id = if user_map[:users][actor_name]
75
- [:user, user_map[:users][actor_name]]
76
- else
77
- [:client, clients[actor_name]]
78
- end
79
- if @actor_id.nil?
80
- ui.error("no user or client named '#{actor_name}' in actor-map.yaml")
81
- exit 1
82
- end
83
- true
84
- end
85
- end
86
- end