knife-acl 0.0.12 → 1.0.0.beta.1

@@ -1,6 +1,7 @@
1
1
  #
2
2
  # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
3
+ # Author:: Jeremiah Snapp (<jeremiah@chef.io>)
4
+ # Copyright:: Copyright 2011--2015 Chef Software, Inc.
4
5
  # License:: Apache License, Version 2.0
5
6
  #
6
7
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,38 +20,25 @@
19
20
  module OpscodeAcl
20
21
  class GroupShow < Chef::Knife
21
22
  category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife group show GROUP"
23
-
23
+ banner "knife group show GROUP_NAME"
24
+
24
25
  deps do
25
- require 'pp'
26
- require 'yaml'
26
+ include OpscodeAcl::AclBase
27
27
  end
28
28
 
29
29
  def run
30
- @user_map = if ::File.exists?("actor-map.yaml")
31
- YAML.load(IO.read("actor-map.yaml"))[:user_map]
32
- else
33
- {:users => {}, :usags => {}}
34
- end
35
30
  group_name = name_args[0]
36
- if !group_name || group_name.empty?
37
- ui.error "must specify a group name"
31
+
32
+ if name_args.length != 1
33
+ show_usage
34
+ ui.fatal "You must specify group name"
38
35
  exit 1
39
36
  end
40
- chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
41
- group = chef_rest.get_rest("groups/#{group_name}")
42
- ui.output(annotate_usags(group))
43
- end
44
37
 
45
- def annotate_usags(group)
46
- annotated = group["groups"].map do |name|
47
- user = @user_map[:usags][name] || ""
48
- {"group_id" => name,
49
- "user_usag" => user}
50
- end
51
- group["annotated_groups"] = annotated
52
- group
38
+ validate_member_name!(group_name)
39
+
40
+ group = rest.get_rest("groups/#{group_name}")
41
+ ui.output group
53
42
  end
54
43
  end
55
44
  end
56
-
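Review bot: The request path in `rest.get_rest("groups/#{group_name}")` is built from the raw command-line argument, so its safety rests entirely on `validate_member_name!`, which is defined outside this hunk (presumably in `OpscodeAcl::AclBase`). Confirm there that the pattern is anchored with `\A` and `\z` rather than `^` and `$`, and that it rejects `/`, `?` and `#`, so that a name with an embedded newline or path separator cannot address a different endpoint. The assignment `group_name = name_args[0]` also sits above the `name_args.length != 1` guard; moving it below the guard makes the method read as check-then-use. A one-line comment above the call such as `# group_name is interpolated into the request path; validate it first` would record why the ordering matters.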
@@ -1,6 +1,7 @@
1
1
  #
2
2
  # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
3
+ # Author:: Jeremiah Snapp (<jeremiah@chef.io>)
4
+ # Copyright:: Copyright 2011--2015 Chef Software, Inc.
4
5
  # License:: Apache License, Version 2.0
5
6
  #
6
7
  # Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,8 +27,7 @@ module OpscodeAcl
26
27
  end
27
28
 
28
29
  def run
29
- chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
30
- users = chef_rest.get_rest("users").map { |u| u["user"]["username"] }
30
+ users = rest.get_rest("users").map { |u| u["user"]["username"] }
31
31
  pp users.sort
32
32
  end
33
33
  end
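Review bot: `pp users.sort` writes straight to stdout and bypasses knife's UI layer, while the group show command in this same release prints through `ui.output`; `ui.output users.sort` would keep the two commands consistent and route the list through knife's presenter. The `deps` block of this file is outside the hunk, so if `pp` is kept, check that `require 'pp'` is still loaded there. Separately, `u["user"]["username"]` raises `NoMethodError` on any entry that lacks a `"user"` key, which would surface as a stack trace rather than a `ui.fatal` message.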
@@ -1,3 +1,3 @@
1
1
  module KnifeACL
2
- VERSION = "0.0.12"
2
+ VERSION = "1.0.0.beta.1"
3
3
  end
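--- a/metadata
+++ b/metadata
@@ -1,18 +1,18 @@
  --- !ruby/object:Gem::Specification
  name: knife-acl
  version: !ruby/object:Gem::Version
- version: 0.0.12
- prerelease:
+ version: 1.0.0.beta.1
  platform: ruby
  authors:
  - Seth Falcon
+ - Jeremiah Snapp
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-04-01 00:00:00.000000000 Z
+ date: 2015-04-23 00:00:00.000000000 Z
  dependencies: []
- description: ACL Knife Tools for Opscode hosted Enterprise Chef/Enterprise Chef
- email: support@opscode.com
+ description: Knife plugin to manupulate Chef server access control lists
+ email: support@chef.io
  executables: []
  extensions: []
  extra_rdoc_files:
@@ -23,14 +23,15 @@ files:
  - README.md
  - lib/chef/knife/acl_add.rb
  - lib/chef/knife/acl_base.rb
+ - lib/chef/knife/acl_bulk_add.rb
+ - lib/chef/knife/acl_bulk_remove.rb
  - lib/chef/knife/acl_remove.rb
  - lib/chef/knife/acl_show.rb
- - lib/chef/knife/actor_map.rb
- - lib/chef/knife/group_add_actor.rb
+ - lib/chef/knife/group_add.rb
  - lib/chef/knife/group_create.rb
  - lib/chef/knife/group_destroy.rb
  - lib/chef/knife/group_list.rb
- - lib/chef/knife/group_remove_actor.rb
+ - lib/chef/knife/group_remove.rb
  - lib/chef/knife/group_show.rb
  - lib/chef/knife/user_dissociate.rb
  - lib/chef/knife/user_invite_add.rb
@@ -39,29 +40,28 @@ files:
  - lib/chef/knife/user_list.rb
  - lib/chef/knife/user_show.rb
  - lib/knife-acl/version.rb
- homepage: https://github.com/opscode/knife-acl/blob/master/README.md
+ homepage: https://github.com/chef/knife-acl
  licenses: []
+ metadata: {}
  post_install_message:
  rdoc_options: []
  require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ! '>='
+ - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ! '>='
+ - - ">"
  - !ruby/object:Gem::Version
- version: '0'
+ version: 1.3.1
  requirements: []
  rubyforge_project:
- rubygems_version: 1.8.23
+ rubygems_version: 2.4.4
  signing_key:
- specification_version: 3
- summary: ACL Knife Tools for Opscode hosted Enterprise Chef/Enterprise Chef
+ specification_version: 4
+ summary: Knife plugin to manupulate Chef server access control lists
  test_files: []
  has_rdoc: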
@@ -1,57 +0,0 @@
1
- #
2
- # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- module OpscodeAcl
20
- class ActorMap < Chef::Knife
21
- category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife actor map"
23
-
24
- # writes a yaml file to current working directly named
25
- # 'actor-map.yaml'
26
- # group add/remove operations will read this file
27
- #
28
- deps do
29
- require 'pp'
30
- require 'yaml'
31
- end
32
-
33
- def run
34
- chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
35
- usags = chef_rest.get_rest("groups").keys.select do |gname|
36
- gname.length == 32 && gname =~ /^[0-9a-f]+$/
37
- end
38
- user_map = {:users => {}, :usags => {}}
39
- user_map = usags.inject(user_map) do |map, usag|
40
- a_group = chef_rest.get_rest("groups/#{usag}")
41
- actors = a_group["actors"]
42
- if actors.length == 1
43
- user_map[:users][actors.first] = usag
44
- user_map[:usags][usag] = actors.first
45
- end
46
- user_map
47
- end
48
- clients = chef_rest.get_rest("clients").keys.inject({}) { |h, c| h[c] = c; h }
49
- open("actor-map.yaml", "w") do |f|
50
- f.write({ :user_map => user_map, :clients => clients }.to_yaml)
51
- end
52
- ui.msg "Found %d users and %d clients" % [user_map[:users].size, clients.size]
53
- ui.msg "wrote map to 'actor-map.yaml'"
54
- end
55
- end
56
- end
57
-
@@ -1,89 +0,0 @@
1
- #
2
- # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- module OpscodeAcl
20
- class GroupAddActor < Chef::Knife
21
- category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife group add actor GROUP ACTOR"
23
- attr_reader :actor_name, :group_name, :user_map, :clients
24
- deps do
25
- require 'yaml'
26
- end
27
-
28
- def run
29
- if !File.exists?("actor-map.yaml")
30
- ui.error "unable to find 'actor-map.yaml'. Run 'knife actor map' and try again."
31
- exit 1
32
- end
33
- actor_map = YAML.load(IO.read("actor-map.yaml"))
34
- @user_map = actor_map[:user_map]
35
- @clients = actor_map[:clients]
36
- @group_name = name_args[0]
37
- @actor_name = name_args[1]
38
-
39
- if !group_name || !actor_name
40
- ui.error "must specify GROUP and ACTOR"
41
- exit 1
42
- end
43
- find_actor_in_map
44
- @chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
45
- group = @chef_rest.get_rest("groups/#{group_name}")
46
- save_group(group)
47
- end
48
-
49
- def save_group(group)
50
- new_group = make_group_for_put(group)
51
- @chef_rest.put_rest("groups/#{new_group["groupname"]}", new_group)
52
- end
53
-
54
- def make_group_for_put(existing_group)
55
- new_group = {
56
- "groupname" => existing_group["groupname"],
57
- "orgname" => existing_group["orgname"],
58
- "actors" => {
59
- # users are added to groups via the user's USAG so we never
60
- # modify the users directly
61
- "users" => existing_group["users"],
62
- "clients" => maybe_add_actor(:client, existing_group["clients"]),
63
- "groups" => maybe_add_actor(:user, existing_group["groups"])
64
- }
65
- }
66
- end
67
-
68
- def maybe_add_actor(type, actors)
69
- new_actors = actors.dup
70
- if @actor_type == type && !new_actors.include?(@actor_id)
71
- new_actors << @actor_id
72
- end
73
- new_actors
74
- end
75
-
76
- def find_actor_in_map
77
- @actor_type, @actor_id = if user_map[:users][actor_name]
78
- [:user, user_map[:users][actor_name]]
79
- else
80
- [:client, clients[actor_name]]
81
- end
82
- if @actor_id.nil?
83
- ui.error("no user or client named '#{actor_name}' in actor-map.yaml")
84
- exit 1
85
- end
86
- true
87
- end
88
- end
89
- end
@@ -1,86 +0,0 @@
1
- #
2
- # Author:: Seth Falcon (<seth@opscode.com>)
3
- # Copyright:: Copyright 2011--2014 Chef Software, Inc.
4
- # License:: Apache License, Version 2.0
5
- #
6
- # Licensed under the Apache License, Version 2.0 (the "License");
7
- # you may not use this file except in compliance with the License.
8
- # You may obtain a copy of the License at
9
- #
10
- # http://www.apache.org/licenses/LICENSE-2.0
11
- #
12
- # Unless required by applicable law or agreed to in writing, software
13
- # distributed under the License is distributed on an "AS IS" BASIS,
14
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
- # See the License for the specific language governing permissions and
16
- # limitations under the License.
17
- #
18
-
19
- module OpscodeAcl
20
- class GroupRemoveActor < Chef::Knife
21
- category "OPSCODE HOSTED CHEF ACCESS CONTROL"
22
- banner "knife group remove actor GROUP ACTOR"
23
- attr_reader :actor_name, :group_name, :user_map, :clients
24
- deps do
25
- require 'yaml'
26
- end
27
-
28
- def run
29
- if !File.exists?("actor-map.yaml")
30
- ui.error "unable to find 'actor-map.yaml'. Run 'knife actor map' and try again."
31
- exit 1
32
- end
33
- actor_map = YAML.load(IO.read("actor-map.yaml"))
34
- @user_map = actor_map[:user_map]
35
- @clients = actor_map[:clients]
36
- @group_name = name_args[0]
37
- @actor_name = name_args[1]
38
-
39
- if !group_name || !actor_name
40
- ui.error "must specify GROUP and ACTOR"
41
- exit 1
42
- end
43
- find_actor_in_map
44
- @chef_rest = Chef::REST.new(Chef::Config[:chef_server_url])
45
- group = @chef_rest.get_rest("groups/#{group_name}")
46
- case @actor_type
47
- when :user
48
- group["groups"].delete(@actor_id)
49
- group["users"].delete(actor_name)
50
- when :client
51
- group["clients"].delete(@actor_id)
52
- end
53
- save_group(group)
54
- end
55
-
56
- def save_group(group)
57
- new_group = make_group_for_put(group)
58
- @chef_rest.put_rest("groups/#{new_group["groupname"]}", new_group)
59
- end
60
-
61
- def make_group_for_put(existing_group)
62
- new_group = {
63
- "groupname" => existing_group["groupname"],
64
- "orgname" => existing_group["orgname"],
65
- "actors" => {
66
- "clients" => existing_group["clients"],
67
- "groups" => existing_group["groups"],
68
- "users" => existing_group["users"]
69
- }
70
- }
71
- end
72
-
73
- def find_actor_in_map
74
- @actor_type, @actor_id = if user_map[:users][actor_name]
75
- [:user, user_map[:users][actor_name]]
76
- else
77
- [:client, clients[actor_name]]
78
- end
79
- if @actor_id.nil?
80
- ui.error("no user or client named '#{actor_name}' in actor-map.yaml")
81
- exit 1
82
- end
83
- true
84
- end
85
- end
86
- end