morpheus-cli 0.9.9 → 0.9.10

data/lib/morpheus/cli/option_types.rb

@@ -24,7 +24,7 @@ module Morpheus
           end
         end
 
-        def self.prompt(option_types, options={}, api_client=nil,api_params={})
+        def self.prompt(option_types, options={}, api_client=nil,api_params={}, no_prompt=false)
           results = {}
           options = options || {}
           # puts "Options Prompt #{options}"
@@ -37,15 +37,51 @@ module Morpheus
               context_map = results[option_type['fieldContext']]
               if options[option_type['fieldContext']] and options[option_type['fieldContext']].key?(option_type['fieldName'])
                 value = options[option_type['fieldContext']][option_type['fieldName']]
+                if option_type['type'] == 'number'
+                  value = value.to_i
+                end
                 value_found = true
               end
             end
 
             if value_found == false && options.key?(option_type['fieldName'])
               value = options[option_type['fieldName']]
+              if option_type['type'] == 'number'
+                value = value.to_i
+              end
               value_found = true
             end
 
+            # no_prompt means skip prompting and instead
+            # use default value or error if a required option is not present
+            no_prompt = no_prompt || options[:no_prompt]
+            if no_prompt
+              if !value_found
+                if option_type['defaultValue']
+                  value = option_type['defaultValue']
+                  value_found = true
+                end
+                if !value_found
+                  # select type is special because it supports skipSingleOption 
+                  # and prints the available options on error
+                  if option_type['type'] == 'select'
+                    value = select_prompt(option_type, api_client, api_params, true)
+                    value_found = !!value
+                  end
+                  if !value_found
+                    if option_type['required']
+                      print Term::ANSIColor.red, "\nMissing Required Option\n\n"
+                      print Term::ANSIColor.red, "  * #{option_type['fieldLabel']} [-O #{option_type['fieldContext'] ? (option_type['fieldContext']+'.') : ''}#{option_type['fieldName']}=] - ", Term::ANSIColor.reset , "#{option_type['description']}\n"
+                      print "\n"
+                      exit 1
+                    else
+                      next
+                    end
+                  end
+                end
+              end
+            end
+
             if !value_found
               if option_type['type'] == 'number'
                 value = number_prompt(option_type)
@@ -115,7 +151,7 @@ module Morpheus
             value_found = false
             value = nil
             while !value_found do
-                print "#{option_type['fieldLabel']}#{option_type['fieldAddOn'] ? ('(' + option_type['fieldAddOn'] + ') ') : '' }#{!option_type['required'] ? ' (optional)' : ''}: "
+                print "#{option_type['fieldLabel']}#{option_type['fieldAddOn'] ? ('(' + option_type['fieldAddOn'] + ') ') : '' }#{!option_type['required'] ? ' (optional)' : ''}#{option_type['defaultValue'] ? ' ['+option_type['defaultValue'].to_s+']' : ''}: "
                 input = $stdin.gets.chomp!
                 value = input.empty? ? option_type['defaultValue'] : input.to_i
                 if input == '?'
@@ -127,36 +163,53 @@ module Morpheus
             return value
         end
 
-        def self.select_prompt(option_type,api_client, api_params={})
+        def self.select_prompt(option_type,api_client, api_params={}, no_prompt=false)
           value_found = false
           value = nil
-          if option_type['optionSource']
-            source_options = load_source_options(option_type['optionSource'],api_client,api_params)
+          if option_type['selectOptions']
+            select_options = option_type['selectOptions']
+          elsif option_type['optionSource']
+            select_options = load_source_options(option_type['optionSource'],api_client,api_params)
+          else
+            raise "select_prompt() requires selectOptions or optionSource!"
           end
-          if !source_options.nil? && !source_options.count == 1 && option_type['skipSingleOption'] == true
+          if !select_options.nil? && select_options.count == 1 && option_type['skipSingleOption'] == true
             value_found = true
-            value = source_option['value']
+            value = select_options[0]['value']
+          end
+          if no_prompt
+            if !value_found
+              if option_type['required']
+                print Term::ANSIColor.red, "\nMissing Required Option\n\n"
+                print Term::ANSIColor.red, "  * #{option_type['fieldLabel']} [-O #{option_type['fieldContext'] ? (option_type['fieldContext']+'.') : ''}#{option_type['fieldName']}=] - ", Term::ANSIColor.reset , "#{option_type['description']}\n"
+                display_select_options(select_options)
+                print "\n"
+                exit 1
+              else
+                return nil
+              end
+            end
           end
           while !value_found do
               Readline.completion_append_character = ""
               Readline.basic_word_break_characters = ''
-              Readline.completion_proc = proc {|s| source_options.clone.collect{|opt| opt['name']}.grep(/^#{Regexp.escape(s)}/)}
-              input = Readline.readline("#{option_type['fieldLabel']}#{option_type['fieldAddOn'] ? ('(' + option_type['fieldAddOn'] + ') ') : '' }#{!option_type['required'] ? ' (optional)' : ''} ['?' for options]: ", false).to_s
+              Readline.completion_proc = proc {|s| select_options.clone.collect{|opt| opt['name']}.grep(/^#{Regexp.escape(s)}/)}
+              input = Readline.readline("#{option_type['fieldLabel']}#{option_type['fieldAddOn'] ? ('(' + option_type['fieldAddOn'] + ') ') : '' }#{!option_type['required'] ? ' (optional)' : ''}#{option_type['defaultValue'] ? ' ['+option_type['defaultValue'].to_s+']' : ''} ['?' for options]: ", false).to_s
               input = input.chomp.strip
-              if option_type['optionSource']
-                source_option = source_options.find{|b| b['name'] == input || (!b['value'].nil? && b['value'].to_s == input) || (b['value'].nil? && input.empty?)}
-                if source_option
-                  value = source_option['value']
+              if input.empty?
+                value = option_type['defaultValue']
+              else
+                select_option = select_options.find{|b| b['name'] == input || (!b['value'].nil? && b['value'].to_s == input) || (b['value'].nil? && input.empty?)}
+                if select_option
+                  value = select_option['value']
                 elsif !input.nil?  && !input.empty?
                   input = '?'
                 end
-              else
-                value = input.empty? ? option_type['defaultValue'] : input
               end
               
               if input == '?'
                   help_prompt(option_type)
-                  display_select_options(source_options)
+                  display_select_options(select_options)
               elsif !value.nil? || option_type['required'] != true
                 value_found = true
               end
@@ -190,7 +243,7 @@ module Morpheus
             value_found = false
             value = nil
             while !value_found do
-                print "#{option_type['fieldLabel']}#{option_type['fieldAddOn'] ? ('(' + option_type['fieldAddOn'] + ') ') : '' }#{!option_type['required'] ? ' (optional)' : ''}: "
+                print "#{option_type['fieldLabel']}#{option_type['fieldAddOn'] ? ('(' + option_type['fieldAddOn'] + ') ') : '' }#{!option_type['required'] ? ' (optional)' : ''}#{option_type['defaultValue'] ? ' ['+option_type['defaultValue'].to_s+']' : ''}: "
                 input = $stdin.gets.chomp!
                 value = input.empty? ? option_type['defaultValue'] : input
                 if input == '?'
@@ -242,7 +295,7 @@ module Morpheus
         end
 
         def self.help_prompt(option_type)
-            print Term::ANSIColor.green,"  * #{option_type['fieldLabel']} [-O #{option_type['fieldName']}=] - ", Term::ANSIColor.reset , "#{option_type['description']}\n"
+            print Term::ANSIColor.green,"  * #{option_type['fieldLabel']} [-O #{option_type['fieldContext'] ? (option_type['fieldContext']+'.') : ''}#{option_type['fieldName']}=] - ", Term::ANSIColor.reset , "#{option_type['description']}\n"
         end
 
 

data/lib/morpheus/cli/roles.rb

@@ -1,7 +1,6 @@
 # require 'yaml'
 require 'io/console'
 require 'rest_client'
-require 'term/ansicolor'
 require 'optparse'
 require 'morpheus/cli/cli_command'
 require 'morpheus/cli/option_types'
@@ -9,7 +8,6 @@ require 'morpheus/cli/mixins/accounts_helper'
 require 'json'
 
 class Morpheus::Cli::Roles
-	include Term::ANSIColor
   include Morpheus::Cli::CliCommand
   include Morpheus::Cli::AccountsHelper
   
@@ -21,18 +19,25 @@ class Morpheus::Cli::Roles
 	def connect(opts)
 		@access_token = Morpheus::Cli::Credentials.new(@appliance_name,@appliance_url).request_credentials()
 		if @access_token.empty?
-			print red,bold, "\nInvalid Credentials. Unable to acquire access token. Please verify your credentials and try again.\n\n",reset
+			print_red_alert "Invalid Credentials. Unable to acquire access token. Please verify your credentials and try again."
 			exit 1
 		end
 		@api_client = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url)
 		@users_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).users
 		@accounts_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).accounts
 		@roles_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).roles
+		@active_groups = ::Morpheus::Cli::Groups.load_group_file
+		@groups_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).groups
+		@options_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).options
+		#@clouds_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).instance_types
+		@instance_types_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).instance_types
+
 	end
 
 	def handle(args)
+		usage = "Usage: morpheus roles [list,details,add,update,remove,update-feature-access,update-global-group-access,update-group-access,update-global-cloud-access,update-cloud-access,update-global-instance-type-access,update-instance-type-access] [name]"
 		if args.empty?
-			puts "\nUsage: morpheus roles [list]\n\n"
+			puts "\n#{usage}\n\n"
 			exit 1
 		end
 
@@ -43,32 +48,46 @@ class Morpheus::Cli::Roles
 				details(args[1..-1])
 			when 'add'
 				add(args[1..-1])
+			when 'update'
+				update(args[1..-1])
 			when 'remove'
 				remove(args[1..-1])
+			when 'update-feature-access'
+				update_feature_access(args[1..-1])
+			when 'update-global-group-access'
+				update_global_group_access(args[1..-1])
+			when 'update-group-access'
+				update_group_access(args[1..-1])
+			when 'update-global-cloud-access'
+				update_global_cloud_access(args[1..-1])
+			when 'update-cloud-access'
+				update_cloud_access(args[1..-1])
+			when 'update-global-instance-type-access'
+				update_global_instance_type_access(args[1..-1])
+			when 'update-instance-type-access'
+				update_instance_type_access(args[1..-1])
 			else
-				puts "\nUsage: morpheus hosts [list] \n\n"
+				puts "\n#{usage}\n\n"
 				exit 127
 		end
 	end
 
 	def list(args)
-		account_name = nil
+		usage = "Usage: morpheus roles list"
 		options = {}
-		params = {}
 		optparse = OptionParser.new do|opts|
-			Morpheus::Cli::CliCommand.accountScopeOptions(opts,options)
-			Morpheus::Cli::CliCommand.genericOptions(opts,options)
+			opts.banner = usage
+			build_common_options(opts, options, [:list, :json])
 		end
 		optparse.parse(args)
+
 		connect(options)
 		begin
-			account_id = nil 
-			if !account_name.nil?
-				account = find_account_by_name(account_name)
-				exit 1 if account.nil?
-				account_id = account['id']
-			end
 			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+			
+			params = {}
 			[:phrase, :offset, :max, :sort, :direction].each do |k|
 				params[k] = options[k] unless options[k].nil?
 			end
@@ -89,40 +108,58 @@ class Morpheus::Cli::Roles
 				print reset,"\n\n"
 			end
 		rescue RestClient::Exception => e
-			::Morpheus::Cli::ErrorHandler.new.print_rest_exception(e)
+			print_rest_exception(e, options)
 			exit 1
 		end
 	end
 
 	def details(args)
-		usage = "Usage: morpheus roles details [name] [options]"
-		if args.count < 1
-			puts "\n#{usage}\n\n"
-			exit 1
-		end
-		account = nil
-		name = args[0]
+		usage = "Usage: morpheus roles details [name]"
 		options = {}
-		params = {}
 		optparse = OptionParser.new do|opts|
 			opts.banner = usage
-			Morpheus::Cli::CliCommand.accountScopeOptions(opts,options)
-			Morpheus::Cli::CliCommand.genericOptions(opts,options)
+			opts.on(nil,'--feature-access', "Display Feature Access") do |val|
+				options[:include_feature_access] = true
+			end
+			opts.on(nil,'--group-access', "Display Group Access") do
+				options[:include_group_access] = true
+			end
+			opts.on(nil,'--cloud-access', "Display Cloud Access") do
+				options[:include_cloud_access] = true
+			end
+			opts.on(nil,'--instance-type-access', "Display Instance Type Access") do
+				options[:include_instance_type_access] = true
+			end
+			opts.on(nil,'--all-access', "Display All Access Lists") do
+				options[:include_feature_access] = true
+				options[:include_group_access] = true
+				options[:include_cloud_access] = true
+				options[:include_instance_type_access] = true
+			end
+			build_common_options(opts, options, [:json])
 		end
 		optparse.parse(args)
+
+		if args.count < 1
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+
 		connect(options)
 		begin
 			
 			account = find_account_from_options(options)
 			account_id = account ? account['id'] : nil
 	
-			# todo: roles_response = @roles_interface.list(account_id, {name: name}) instead
-			#       there may be response data outside of role that needs to be displayed
 			role = find_role_by_name(account_id, name)
 			exit 1 if role.nil?
 
+			json_response = @roles_interface.get(account_id, role['id'])
+			role = json_response['role']
+
 			if options[:json]
-				print JSON.pretty_generate(role)
+				print JSON.pretty_generate(json_response)
 				print "\n"
 			else
 				print "\n" ,cyan, bold, "Role Details\n","==================", reset, "\n\n"
@@ -134,31 +171,685 @@ class Morpheus::Cli::Roles
 				puts "Owner: #{role['owner'] ? role['owner']['name'] : nil}"
 				puts "Date Created: #{format_local_dt(role['dateCreated'])}"
 				puts "Last Updated: #{format_local_dt(role['lastUpdated'])}"
+
 				print "\n" ,cyan, bold, "Role Instance Limits\n","==================", reset, "\n\n"
 				print cyan
 				puts "Max Storage (bytes): #{role['instanceLimits'] ? role['instanceLimits']['maxStorage'] : 0}"
 				puts "Max Memory (bytes): #{role['instanceLimits'] ? role['instanceLimits']['maxMemory'] : 0}"
 				puts "CPU Count: #{role['instanceLimits'] ? role['instanceLimits']['maxCpu'] : 0}"
+
+				print "\n" ,cyan, bold, "Feature Access\n","==================", reset, "\n\n"
 				print cyan
+
+				if options[:include_feature_access]
+					rows = json_response['featurePermissions'].collect do |it|
+			      {
+			      	code: it['code'], 
+			        name: it['name'], 
+			        access: get_access_string(it['access']), 
+			      }
+			    end
+			    tp rows, [:code, :name, :access]
+			  else
+			  	puts "Use --feature-access to list feature access"
+			  end
+
+		    print "\n" ,cyan, bold, "Group Access\n","==================", reset, "\n\n"
+				print cyan
+				
+				puts "Global Group Access: #{get_access_string(json_response['globalSiteAccess'])}\n\n"
+				if json_response['globalSiteAccess'] == 'custom'
+					if options[:include_group_access]
+						rows = json_response['sites'].collect do |it|
+				      {
+				        name: it['name'], 
+				        access: get_access_string(it['access']), 
+				      }
+				    end
+				    tp rows, [:name, :access]
+					else
+						puts "Use --group-access to list custom access"
+					end
+				end
+
+				print "\n" ,cyan, bold, "Cloud Access\n","==================", reset, "\n\n"
+				print cyan
+				
+				puts "Global Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}\n\n"
+				if json_response['globalZoneAccess'] == 'custom'
+					if options[:include_cloud_access]
+						rows = json_response['zones'].collect do |it|
+				      {
+				        name: it['name'], 
+				        access: get_access_string(it['access']), 
+				      }
+				    end
+				    tp rows, [:name, :access]
+					else
+						puts "Use --cloud-access to list custom access"
+					end
+				end
+
+				print "\n" ,cyan, bold, "Instance Type Access\n","==================", reset, "\n\n"
+				print cyan
+				
+				puts "Global Instance Type Access: #{get_access_string(json_response['globalInstanceTypeAccess'])}\n\n"
+				if json_response['globalInstanceTypeAccess'] == 'custom'
+					if options[:include_instance_type_access]
+						rows = json_response['instanceTypePermissions'].collect do |it|
+				      {
+				        name: it['name'], 
+				        access: get_access_string(it['access']), 
+				      }
+				    end
+				    tp rows, [:name, :access]
+					else
+						puts "Use --instance-type-access to list custom access"
+					end
+				end
+
 				print reset,"\n\n"
 			end
 		rescue RestClient::Exception => e
-			::Morpheus::Cli::ErrorHandler.new.print_rest_exception(e)
+			print_rest_exception(e, options)
 			exit 1
 		end
 	end
 
 	def add(args)
-		print red,bold, "\nNOT YET IMPLEMENTED!\n\n",reset
-		exit 1
+		usage = "Usage: morpheus roles add [options]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:options, :json])
+		end
+		optparse.parse(args)
+
+		connect(options)
+		begin
+
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+
+			params = Morpheus::Cli::OptionTypes.prompt(add_role_option_types, options[:options], @api_client, options[:params])
+
+			#puts "parsed params is : #{params.inspect}"
+			role_keys = ['authority', 'description', 'instanceLimits']
+			role_payload = params.select {|k,v| role_keys.include?(k) }
+			if !role_payload['instanceLimits']
+				role_payload['instanceLimits'] = {}
+				role_payload['instanceLimits']['maxStorage'] = params['instanceLimits.maxStorage'].to_i if params['instanceLimits.maxStorage'].to_s.strip != ''
+				role_payload['instanceLimits']['maxMemory'] = params['instanceLimits.maxMemory'].to_i if params['instanceLimits.maxMemory'].to_s.strip != ''
+				role_payload['instanceLimits']['maxCpu'] = params['instanceLimits.maxCpu'].to_i if params['instanceLimits.maxCpu'].to_s.strip != ''
+			end
+			if params['baseRole'].to_s != ''
+				base_role = find_role_by_name(account_id, params['baseRole'])
+				exit 1 if base_role.nil?
+				role_payload['baseRoleId'] = base_role['id']
+			end
+			request_payload = {role: role_payload}
+			response = @roles_interface.create(account_id, request_payload)
+
+			if account
+				print_green_success "Added role #{role_payload['authority']} to account #{account['name']}"
+			else
+				print_green_success "Added role #{role_payload['authority']}"
+			end
+
+			details_options = [role_payload["authority"]]
+			if account
+				details_options.push "--account-id", account['id'].to_s
+			end
+			details(details_options)
+
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update(args)
+		usage = "Usage: morpheus roles update [name] [options]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:options, :json])
+		end
+		optparse.parse(args)
+
+		if args.count < 1
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+
+		connect(options)
+		
+		begin
+
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			#params = Morpheus::Cli::OptionTypes.prompt(update_role_option_types, options[:options], @api_client, options[:params])
+			params = options[:options] || {}
+
+			if params.empty?
+				puts "\n#{usage}\n\n"
+				option_lines = update_role_option_types.collect {|it| "\t-O #{it['fieldName']}=\"value\"" }.join("\n")
+				puts "\nAvailable Options:\n#{option_lines}\n\n"
+				exit 1
+			end
+
+			#puts "parsed params is : #{params.inspect}"
+			role_keys = ['authority', 'description', 'instanceLimits']
+			role_payload = params.select {|k,v| role_keys.include?(k) }
+			if !role_payload['instanceLimits']
+				role_payload['instanceLimits'] = {}
+				role_payload['instanceLimits']['maxStorage'] = params['instanceLimits.maxStorage'].to_i if params['instanceLimits.maxStorage'].to_s.strip != ''
+				role_payload['instanceLimits']['maxMemory'] = params['instanceLimits.maxMemory'].to_i if params['instanceLimits.maxMemory'].to_s.strip != ''
+				role_payload['instanceLimits']['maxCpu'] = params['instanceLimits.maxCpu'].to_i if params['instanceLimits.maxCpu'].to_s.strip != ''
+			end
+			request_payload = {role: role_payload}
+			response = @roles_interface.update(account_id, role['id'], request_payload)
+			
+			print_green_success "Updated role #{role_payload['authority']}"
+
+			details_options = [role_payload["authority"] || role['authority']]
+			if account
+				details_options.push "--account-id", account['id'].to_s
+			end
+			details(details_options)
+
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
 	end
 
 	def remove(args)
-		print red,bold, "\nNOT YET IMPLEMENTED!\n\n",reset
-		exit 1
+		usage = "Usage: morpheus roles remove [name]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:auto_confirm, :json])
+		end
+		optparse.parse(args)
+		
+		if args.count < 1
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+
+		connect(options)
+		begin
+
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+			unless options[:yes] || Morpheus::Cli::OptionTypes.confirm("Are you sure you want to delete the role #{role['authority']}?")
+				exit
+			end
+			json_response = @roles_interface.destroy(account_id, role['id'])
+			
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} removed"
+			end
+			
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update_feature_access(args)
+		usage = "Usage: morpheus roles update-feature-access [name] [code] [full|read|custom|none]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:json])
+		end
+		optparse.parse(args)
+
+		if args.count < 3
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+		permission_code = args[1]
+		access_value = args[2].to_s.downcase
+		if !['full', 'read', 'custom', 'none'].include?(access_value)
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+
+		connect(options)
+		begin
+			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+	
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			params = {permissionCode: permission_code, access: access_value}
+			json_response = @roles_interface.update_permission(account_id, role['id'], params)
+
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} feature access updated"
+			end
+				
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update_global_group_access(args)
+		usage = "Usage: morpheus roles update-global-group-access [name] [full|read|custom|none]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:json])
+		end
+		optparse.parse(args)
+
+		if args.count < 2
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+		access_value = args[1].to_s.downcase
+		if !['full', 'read', 'custom', 'none'].include?(access_value)
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+
+		connect(options)
+		begin
+			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+	
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			params = {permissionCode: 'ComputeSite', access: access_value}
+			json_response = @roles_interface.update_permission(account_id, role['id'], params)
+
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} global group access updated"
+			end
+				
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update_group_access(args)
+		usage = "Usage: morpheus roles update-group-access [name] [group_name] [full|read|none]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:json])
+		end
+		optparse.parse(args)
+
+		if args.count < 2
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+		group_name = args[1]
+		access_value = args[2].to_s.downcase
+		if !['full', 'read', 'none'].include?(access_value)
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+
+		connect(options)
+		begin
+			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+	
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			role_json = @roles_interface.get(account_id, role['id'])
+			
+			if role_json['globalSiteAccess'] != 'custom'
+				print "\n", red, "Global Group Access is currently: #{role_json['globalSiteAccess'].capitalize}"
+				print "\n", "You must first set it to Custom via `morpheus roles update-global-group-access \"#{name}\" custom`"
+				print "\n\n", reset
+				exit 1
+			end
+
+			# group_id = find_group_id_by_name(group_name)
+			# exit 1 if group_id.nil?
+			group = find_group_by_name(group_name)
+			exit 1 if group.nil?
+			group_id = group['id']
+
+			params = {groupId: group_id, access: access_value}
+			json_response = @roles_interface.update_group(account_id, role['id'], params)
+
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} global group access updated"
+			end
+				
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update_global_cloud_access(args)
+		usage = "Usage: morpheus roles update-global-cloud-access [name] [full|custom|none]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:json])
+		end
+		optparse.parse(args)
+
+		if args.count < 2
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+		access_value = args[1].to_s.downcase
+		if !['full', 'custom', 'none'].include?(access_value)
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+
+		connect(options)
+		begin
+			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+	
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			params = {permissionCode: 'ComputeZone', access: access_value}
+			json_response = @roles_interface.update_permission(account_id, role['id'], params)
+
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} global cloud access updated"
+			end
+				
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update_cloud_access(args)
+		usage = "Usage: morpheus roles update-cloud-access [name] [cloud_name] [full|none]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			opts.on( '-g', '--group GROUP', "Group to find cloud in" ) do |val|
+				options[:group] = val
+			end
+			build_common_options(opts, options, [:json])
+		end
+		optparse.parse(args)
+
+		if args.count < 2
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+		cloud_name = args[1]
+		access_value = args[2].to_s.downcase
+		if !['full', 'none'].include?(access_value)
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+
+		connect(options)
+		begin
+			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+	
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			role_json = @roles_interface.get(account_id, role['id'])
+			
+			if role_json['globalZoneAccess'] != 'custom'
+				print "\n", red, "Global Cloud Access is currently: #{role_json['globalZoneAccess'].capitalize}"
+				print "\n", "You must first set it to Custom via `morpheus roles update-global-cloud-access \"#{name}\" custom`"
+				print "\n\n", reset
+				exit 1
+			end
+
+			group_id = nil
+			if !options[:group].nil?
+				group_id = find_group_id_by_name(options[:group])
+			else
+				group_id = @active_groups[@appliance_name.to_sym]	
+			end
+
+			if group_id.nil?
+				print_red_alert "Group not found or specified!"
+				exit 1
+			end
+
+			cloud_id = find_cloud_id_by_name(group_id, cloud_name)
+			exit 1 if cloud_id.nil?
+			params = {cloudId: cloud_id, access: access_value}
+			json_response = @roles_interface.update_cloud(account_id, role['id'], params)
+
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} global cloud access updated"
+			end
+				
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update_global_instance_type_access(args)
+		usage = "Usage: morpheus roles update-global-instance-type-access [name] [full|custom|none]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:json])
+		end
+		optparse.parse(args)
+
+		if args.count < 2
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+		access_value = args[1].to_s.downcase
+		if !['full', 'custom', 'none'].include?(access_value)
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+
+
+		connect(options)
+		begin
+			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+	
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			params = {permissionCode: 'InstanceType', access: access_value}
+			json_response = @roles_interface.update_permission(account_id, role['id'], params)
+
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} global instance type access updated"
+			end
+				
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
+	end
+
+	def update_instance_type_access(args)
+		usage = "Usage: morpheus roles update-instance-type-access [name] [instance_type_name] [full|none]"
+		options = {}
+		optparse = OptionParser.new do|opts|
+			opts.banner = usage
+			build_common_options(opts, options, [:json])
+		end
+		optparse.parse(args)
+
+		if args.count < 2
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+		name = args[0]
+		instance_type_name = args[1]
+		access_value = args[2].to_s.downcase
+		if !['full', 'none'].include?(access_value)
+			puts "\n#{usage}\n\n"
+			exit 1
+		end
+
+		connect(options)
+		begin
+			
+			account = find_account_from_options(options)
+			account_id = account ? account['id'] : nil
+	
+			role = find_role_by_name(account_id, name)
+			exit 1 if role.nil?
+
+			role_json = @roles_interface.get(account_id, role['id'])
+			
+			if role_json['globalInstanceTypeAccess'] != 'custom'
+				print "\n", red, "Global Instance Type Access is currently: #{role_json['globalInstanceTypeAccess'].capitalize}"
+				print "\n", "You must first set it to Custom via `morpheus roles update-global-instance-type-access \"#{name}\" custom`"
+				print "\n\n", reset
+				exit 1
+			end
+
+			instance_type = find_instance_type_by_name(instance_type_name)
+			exit 1 if instance_type.nil?
+
+			params = {instanceTypeId: instance_type['id'], access: access_value}
+			json_response = @roles_interface.update_instance_type(account_id, role['id'], params)
+
+			if options[:json]
+				print JSON.pretty_generate(json_response)
+				print "\n"
+			else
+				print_green_success "Role #{role['authority']} global instance type access updated"
+			end
+				
+		rescue RestClient::Exception => e
+			print_rest_exception(e, options)
+			exit 1
+		end
 	end
 
 private
 	
+	def get_access_string(val)
+		val ||= 'none'
+		if val == 'none'
+			"#{white}#{val.to_s.capitalize}#{cyan}"
+		else
+			"#{green}#{val.to_s.capitalize}#{cyan}"
+		end
+	end
+
+	def add_role_option_types
+		[
+			{'fieldName' => 'authority', 'fieldLabel' => 'Name', 'type' => 'text', 'required' => true, 'displayOrder' => 1},
+			{'fieldName' => 'description', 'fieldLabel' => 'Description', 'type' => 'text', 'displayOrder' => 2},
+			{'fieldName' => 'baseRole', 'fieldLabel' => 'Copy From Role', 'type' => 'text', 'displayOrder' => 3},
+			{'fieldName' => 'instanceLimits.maxStorage', 'fieldLabel' => 'Max Storage (bytes)', 'type' => 'text', 'displayOrder' => 8},
+			{'fieldName' => 'instanceLimits.maxMemory', 'fieldLabel' => 'Max Memory (bytes)', 'type' => 'text', 'displayOrder' => 9},
+			{'fieldName' => 'instanceLimits.maxCpu', 'fieldLabel' => 'CPU Count', 'type' => 'text', 'displayOrder' => 10},
+		]
+	end
+
+	def update_role_option_types
+		add_role_option_types.reject {|it| ['baseRole'].include?(it['fieldName']) }
+	end
+
+
+	def find_group_by_name(name)
+		group_results = @groups_interface.get(name)
+		if group_results['groups'].empty?
+			print_red_alert "Group not found by name #{name}"
+			return nil
+		end
+		return group_results['groups'][0]
+	end
+
+	# no worky, returning  {"success"=>true, "data"=>[]}
+	# def find_group_id_by_name(name)
+	# 	option_results = @options_interface.options_for_source('groups',{})
+	# 	puts "option_results: #{option_results.inspect}"
+	# 	match = option_results['data'].find { |grp| grp['value'].to_s == name.to_s || grp['name'].downcase == name.downcase}
+	# 	if match.nil?
+	# 		print_red_alert "Group not found by name #{name}"
+	# 		return nil
+	# 	else
+	# 		return match['value']
+	# 	end
+	# end
+
+	def find_cloud_id_by_name(group_id, name)
+		option_results = @options_interface.options_for_source('clouds', {groupId: group_id})
+		match = option_results['data'].find { |grp| grp['value'].to_s == name.to_s || grp['name'].downcase == name.downcase}
+		if match.nil?
+			print_red_alert "Cloud not found by name #{name}"
+			return nil
+		else
+			return match['value']
+		end
+	end
+
+	def find_instance_type_by_name(name)
+		results = @instance_types_interface.get({name: name})
+		if results['instanceTypes'].empty?
+			print_red_alert "Instance Type not found by name #{name}"
+			return nil
+		end
+		return results['instanceTypes'][0]
+	end
 
 end