morpheus-cli 4.1.8 → 4.1.9

data/lib/morpheus/cli/processes_command.rb

@@ -69,7 +69,6 @@ class Morpheus::Cli::Processes
     connect(options)
     begin
       params.merge!(parse_list_options(options))
-      # params[:query] = params.delete(:phrase) unless params[:phrase].nil?
       @processes_interface.setopts(options)
       if options[:dry_run]
         print_dry_run @processes_interface.dry.list(params)
@@ -201,7 +200,6 @@ class Morpheus::Cli::Processes
     begin
       process_id = args[0]
       params.merge!(parse_list_options(options))
-      params[:query] = params.delete(:phrase) unless params[:phrase].nil?
       @processes_interface.setopts(options)
       if options[:dry_run]
         print_dry_run @processes_interface.dry.get(process_id, params)

data/lib/morpheus/cli/provisioning_settings_command.rb

@@ -0,0 +1,237 @@
+require 'morpheus/cli/cli_command'
+
+class Morpheus::Cli::ProvisioningSettingsCommand
+  include Morpheus::Cli::CliCommand
+  include Morpheus::Cli::AccountsHelper
+  include Morpheus::Cli::WhoamiHelper
+
+  set_command_name :'provisioning-settings'
+
+  register_subcommands :get, :update
+  
+  set_default_subcommand :get
+
+  def connect(opts)
+    @api_client = establish_remote_appliance_connection(opts)
+    @provisioning_settings_interface = @api_client.provisioning_settings
+    @storage_providers_interface = @api_client.storage_providers
+    @key_pairs_interface = @api_client.key_pairs
+    @blueprints_interface = @api_client.blueprints
+  end
+
+  def handle(args)
+    handle_subcommand(args)
+  end
+
+  def get(args)
+    options = {}
+    optparse = Morpheus::Cli::OptionParser.new do |opts|
+      opts.banner = subcommand_usage()
+      build_common_options(opts, options, [:query, :json, :yaml, :csv, :fields, :dry_run, :remote])
+      opts.footer = "Get provisioning settings."
+    end
+    optparse.parse!(args)
+    connect(options)
+    if args.count != 0
+      raise_command_error "wrong number of arguments, expected 0 and got (#{args.count}) #{args}\n#{optparse}"
+      return 1
+    end
+    
+    begin
+      @provisioning_settings_interface.setopts(options)
+
+      if options[:dry_run]
+        print_dry_run @provisioning_settings_interface.dry.get()
+        return
+      end
+      json_response = @provisioning_settings_interface.get()
+      if options[:json]
+        puts as_json(json_response, options, "provisioningSettings")
+        return 0
+      elsif options[:yaml]
+        puts as_yaml(json_response, options, "provisioningSettings")
+        return 0
+      elsif options[:csv]
+        puts records_as_csv([json_response['provisioningSettings']], options)
+        return 0
+      end
+
+      settings = json_response['provisioningSettings']
+
+      print_h1 "Provisioning Settings"
+      print cyan
+
+      description_cols = {
+        "Allow Cloud Selection" => lambda {|it| format_boolean(it['allowZoneSelection'])},
+        "Allow Host Selection" => lambda {|it| format_boolean(it['allowServerSelection'])},
+        "Require Environment Selection" => lambda {|it| format_boolean(it['requireEnvironments'])},
+        "Show Pricing" => lambda {|it| format_boolean(it['showPricing'])},
+        "Hide Datastore Stats On Selection" => lambda {|it| format_boolean(it['hideDatastoreStats'])},
+        "Cross-Tenant Naming Policies" => lambda {|it| format_boolean(it['crossTenantNamingPolicies'])},
+        "Reuse Naming Sequence Numbers" => lambda {|it| format_boolean(it['reuseSequence'])},
+        "Deployment Archive Store" => lambda {|it| it['deployStorageProvider'] ? it['deployStorageProvider']['name'] : nil},
+        # Cloud-Init Settings
+        "Cloud-Init Username" => lambda {|it| it['cloudInitUsername']},
+        "Cloud-Init Password" => lambda {|it| it['cloudInitPassword']},
+        "Cloud-Init Key Pair" => lambda {|it| it['cloudInitKeyPair'] ? it['cloudInitKeyPair']['name'] : nil},
+        # Windows Settings
+        "Windows Adminstrator Password" => lambda {|it| it['windowsPassword']},
+        # PXE Boot Settings
+        "Default Root Password" => lambda {|it| it['pxeRootPassword']},
+        # App Blueprint Settings
+        "Default Blueprint Type" => lambda {|it| it['defaultTemplateType'] ? it['defaultTemplateType']['name'].capitalize : 'Morpheus'}
+      }
+      print_description_list(description_cols, settings)
+      print reset "\n"
+      return 0
+    rescue RestClient::Exception => e
+      print_rest_exception(e, options)
+      return 1
+    end
+  end
+
+  def update(args)
+    options = {}
+    params = {}
+
+    optparse = Morpheus::Cli::OptionParser.new do |opts|
+      opts.banner = opts.banner = subcommand_usage()
+      opts.on("--allow-cloud [on|off]", ['on','off'], "Allow cloud selection. Default is on") do |val|
+        params['allowZoneSelection'] = val.to_s == 'on' || val.to_s == 'true' || val.to_s == '1' || val.to_s == ''
+      end
+      opts.on("--allow-host [on|off]", ['on','off'], "Allow host selection. Default is on") do |val|
+        params['allowServerSelection'] = val.to_s == 'on' || val.to_s == 'true' || val.to_s == '1' || val.to_s == ''
+      end
+      opts.on("--require-env [on|off]", ['on','off'], "Require environment selection. Default is on") do |val|
+        params['requireEnvironments'] = val.to_s == 'on' || val.to_s == 'true' || val.to_s == '1' || val.to_s == ''
+      end
+      opts.on("--show-pricing [on|off]", ['on','off'], "Show pricing. Default is on") do |val|
+        params['showPricing'] = val.to_s == 'on' || val.to_s == 'true' || val.to_s == '1' || val.to_s == ''
+      end
+      opts.on("--ds-hide-stats [on|off]", ['on','off'], "Hide datastore stats on selection. Default is on") do |val|
+        params['hideDatastoreStats'] = val.to_s == 'on' || val.to_s == 'true' || val.to_s == '1' || val.to_s == ''
+      end
+      opts.on("--x-tenant-naming [on|off]", ['on','off'], "Cross-tenant naming policies. Default is on") do |val|
+        params['crossTenantNamingPolicies'] = val.to_s == 'on' || val.to_s == 'true' || val.to_s == '1' || val.to_s == ''
+      end
+      opts.on("--reuse-name-seq [on|off]", ['on','off'], "Reuse naming sequence numbers. Default is on") do |val|
+        params['reuseSequence'] = val.to_s == 'on' || val.to_s == 'true' || val.to_s == '1' || val.to_s == ''
+      end
+      opts.on("--deploy-bucket BUCKET", String, "Deployment archive storage provider ID or name") do |val|
+        if val == 'null'
+          params['deployStorageProvider'] = nil
+        else
+          options[:deployBucket] = val
+        end
+      end
+      opts.on("--cloud-username STRING", String, "Cloud-init username") do |val|
+        params['cloudInitUsername'] = val == 'null' ? nil : val
+      end
+      opts.on("--cloud-pwd STRING", String, "Cloud-init password") do |val|
+        params['cloudInitPassword'] = val == 'null' ? nil : val
+      end
+      opts.on("--cloud-keypair KEYPAIR", String, "Cloud-init key pair ID or name") do |val|
+        if val == 'null'
+          params['cloudInitKeyPair'] = nil
+        else
+          options[:cloudKeyPair] = val
+        end
+      end
+      opts.on("--windows-pwd STRING", String, "Windows administrator password") do |val|
+        params['windowsPassword'] = val == 'null' ? nil : val
+      end
+      opts.on("--pxe-pwd STRING", String, "PXE Boot default root password") do |val|
+        params['pxeRootPassword'] = val == 'null' ? nil : val
+      end
+      opts.on("--blueprint-type TYPE", String, "Default blueprint type ID, name or code") do |val|
+        if val == 'null'
+          params['defaultTemplateType'] = nil
+        else
+          options[:blueprintType] = val
+        end
+      end
+      build_common_options(opts, options, [:json, :payload, :dry_run, :quiet, :remote])
+    end
+
+    optparse.parse!(args)
+    connect(options)
+    if args.count != 0
+      raise_command_error "wrong number of arguments, expected 0 and got (#{args.count}) #{args}\n#{optparse}"
+      return 1
+    end
+
+    begin
+      payload = parse_payload(options)
+
+      if !payload
+        if options[:deployBucket]
+          bucket = find_storage_provider(options[:deployBucket])
+
+          if !bucket
+            print_red_alert "Storage provider #{options[:deployBucket]} not found"
+            exit 1
+          end
+          params['deployStorageProvider'] = {'id' => bucket['id']}
+        end
+
+        if options[:cloudKeyPair]
+          key_pair = find_key_pair(options[:cloudKeyPair])
+
+          if !key_pair
+            print_red_alert "Key pair #{options[:cloudKeyPair]} not found"
+            exit 1
+          end
+          params['cloudInitKeyPair'] = {'id' => key_pair['id']}
+        end
+
+        if options[:blueprintType]
+          template_type = find_template_type(options[:blueprintType])
+
+          if !template_type
+            print_red_alert "Blueprint type #{options[:blueprintType]} not found"
+          end
+          params['defaultTemplateType'] = {'id' => template_type['id']}
+        end
+        payload = {'provisioningSettings' => params}
+      end
+
+      @provisioning_settings_interface.setopts(options)
+      if options[:dry_run]
+        print_dry_run @provisioning_settings_interface.dry.update(payload)
+        return
+      end
+      json_response = @provisioning_settings_interface.update(payload)
+
+      if options[:json]
+        puts as_json(json_response, options)
+      elsif !options[:quiet]
+        if json_response['success']
+          print_green_success  "Updated provisioning settings"
+          get([] + (options[:remote] ? ["-r",options[:remote]] : []))
+        else
+          print_red_alert "Error updating provisioning settings: #{json_response['msg'] || json_response['errors']}"
+        end
+      end
+      return 0
+
+    rescue RestClient::Exception => e
+      print_rest_exception(e, options)
+      exit 1
+    end
+  end
+
+  private
+
+  def find_storage_provider(val)
+    (val.to_s =~ /\A\d{1,}\Z/) ? @storage_providers_interface.get(val.to_i)['storageBucket'] : @storage_providers_interface.list({'name' => val})["storageBuckets"].first
+  end
+
+  def find_key_pair(val)
+    (val.to_s =~ /\A\d{1,}\Z/) ? @key_pairs_interface.get(current_account['id'], val.to_i)['keyPair'] : @key_pairs_interface.list(current_account['id'], {'name' => val})["keyPairs"].first
+  end
+
+  def find_template_type(val)
+    template_types = @provisioning_settings_interface.template_types['templateTypes']
+    (val.to_s =~ /\A\d{1,}\Z/) ? template_types.find {|it| it['id'] == val.to_i} : template_types.find {|it| it['name'].casecmp(val) == 0 || it['code'].casecmp(val) == 0}
+  end
+end

data/lib/morpheus/cli/remote.rb

@@ -133,7 +133,7 @@ EOT
       opts.on(nil, "--insecure", "Allow insecure HTTPS communication.  i.e. Ignore SSL errors.") do
         secure = false
       end
-      build_common_options(opts, options, [:quiet])
+      build_common_options(opts, options, [:options, :quiet])
       opts.footer = <<-EOT
 This will add a new remote appliance to your morpheus client configuration.
 If this is your first remote, --use is automatically applied so
@@ -233,7 +233,7 @@ EOT
     # hit check api and store version and other info
     if !options[:quiet]
       print cyan
-      puts "Inspecting remote appliance url: #{appliance[:host]} ..."
+      puts "Inspecting remote appliance #{appliance[:host]} ..."
     end
     appliance, check_json_response = ::Morpheus::Cli::Remote.refresh_remote(new_appliance_name.to_sym)
     if !options[:quiet]
@@ -260,6 +260,11 @@ EOT
       return exit_code, err
     end
 
+    # just skip setup/login stuff is no prompt -N is used.
+    if options[:no_prompt]
+      return exit_code, err
+    end
+
     # check_cmd_result = check_appliance([new_appliance_name, "--quiet"])
     # check_cmd_result = check_appliance([new_appliance_name])
 
@@ -1299,9 +1304,9 @@ EOT
     elsif status_str == "ready"
       out << "#{green}#{status_str.upcase}#{return_color}"
     elsif status_str == "http-error"
-      out << "#{red}#{status_str.upcase}#{return_color}"
+      out << "#{red}HTTP ERROR#{return_color}"
     elsif ['error', 'net-error', 'ssl-error', 'http-timeout', 'unreachable', 'unrecognized'].include?(status_str)
-      out << "#{red}#{status_str.upcase}#{return_color}"
+      out << "#{red}#{status_str.gsub('-', ' ').upcase}#{return_color}"
     else
       # dunno
       out << "#{yellow}#{status_str.upcase}#{return_color}"

data/lib/morpheus/cli/reports_command.rb

@@ -17,6 +17,10 @@ class Morpheus::Cli::ReportsCommand
 
   register_subcommands :list, :get, :run, :view, :export, :remove, :types
   
+  def default_refresh_interval
+    5
+  end
+
   def handle(args)
     handle_subcommand(args)
   end
@@ -29,14 +33,13 @@ class Morpheus::Cli::ReportsCommand
       opts.on( '--type CODE', String, "Report Type code(s)" ) do |val|
         params['reportType'] = val.to_s.split(",").compact.collect {|it| it.strip }
       end
-      build_common_options(opts, options, [:list, :json, :dry_run, :remote])
+      build_common_options(opts, options, [:list, :query, :json, :dry_run, :remote])
       opts.footer = "List report history."
     end
     optparse.parse!(args)
     connect(options)
     begin
       params.merge!(parse_list_options(options))
-      
       @reports_interface.setopts(options)
       if options[:dry_run]
         print_dry_run @reports_interface.dry.list(params)
@@ -268,6 +271,10 @@ class Morpheus::Cli::ReportsCommand
 
         # Report Types tell us what the available filters are...
         report_option_types = report_type['optionTypes'] || []
+        report_option_types = report_option_types.collect {|it|
+          it['fieldContext'] = nil
+          it
+        }
         # pluck out optionTypes like the UI does..
         metadata_option_type = nil
         if report_option_types.find {|it| it['fieldName'] == 'metadata' }
@@ -275,6 +282,7 @@ class Morpheus::Cli::ReportsCommand
         end
 
         v_prompt = Morpheus::Cli::OptionTypes.prompt(report_option_types, options[:options], @api_client)
+        payload.deep_merge!({'report' => v_prompt}) unless v_prompt.empty?
 
         if metadata_option_type
           if !options[:options]['metadata']
@@ -285,8 +293,6 @@ class Morpheus::Cli::ReportsCommand
           end
         end
 
-        # payload.deep_merge!({'report' => v_prompt}) unless v_prompt.empty?
-        payload.deep_merge!(v_prompt) unless v_prompt.empty?
       end
 
       @reports_interface.setopts(options)

data/lib/morpheus/cli/roles.rb

@@ -27,7 +27,7 @@ class Morpheus::Cli::Roles
     @instances_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).instances
     @instance_types_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).instance_types
     @blueprints_interface = Morpheus::APIClient.new(@access_token,nil,nil, @appliance_url).blueprints
-    @active_group_id = Morpheus::Cli::Groups.active_group
+    @active_group_id = Morpheus::Cli::Groups.active_groups[@appliance_name]
   end
 
   def handle(args)
@@ -88,6 +88,7 @@ class Morpheus::Cli::Roles
 
   def get(args)
     options = {}
+    params = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
       opts.banner = subcommand_usage("[name]")
       opts.on('-p','--permissions', "Display Permissions") do |val|
@@ -116,7 +117,7 @@ class Morpheus::Cli::Roles
         options[:include_instance_type_access] = true
         options[:include_blueprint_access] = true
       end
-      build_common_options(opts, options, [:json, :yaml, :csv, :fields, :dry_run, :remote])
+      build_common_options(opts, options, [:list, :query, :json, :yaml, :csv, :fields, :dry_run, :remote])
       opts.footer = "Get details about a role.\n" +
                     "[name] is required. This is the name or id of a role."
     end
@@ -131,6 +132,9 @@ class Morpheus::Cli::Roles
     begin
       account = find_account_from_options(options)
       account_id = account ? account['id'] : nil
+
+      params.merge!(parse_query_options(options))
+
       @roles_interface.setopts(options)
       if options[:dry_run]
         if args[0].to_s =~ /\A\d{1,}\Z/
@@ -159,16 +163,8 @@ class Morpheus::Cli::Roles
         role = json_response['role']
       end
 
-      if options[:json]
-        puts as_json(json_response, options, "role")
-        return 0
-      elsif options[:yaml]
-        puts as_yaml(json_response, options, "role")
-        return 0
-      elsif options[:csv]
-        puts records_as_csv([json_response['role']], options)
-        return 0
-      end
+      render_result = render_with_format(json_response, options, 'role')
+      return 0 if render_result
 
       print cyan
       print_h1 "Role Details", options
@@ -179,7 +175,9 @@ class Morpheus::Cli::Roles
         "Description" => 'description',
         "Scope" => lambda {|it| it['scope'] },
         "Type" => lambda {|it| format_role_type(it) },
-        "Multitenant" => lambda {|it| format_boolean(it['multitenant']) },
+        "Multitenant" => lambda {|it| 
+          format_boolean(it['multitenant']).to_s + (it['multitenantLocked'] ? " (LOCKED)" : "")
+        },
         "Owner" => lambda {|it| role['owner'] ? role['owner']['name'] : '' },
         #"Account" => lambda {|it| it['account'] ? it['account']['name'] : '' },
         "Created" => lambda {|it| format_local_dt(it['dateCreated']) },
@@ -205,15 +203,40 @@ class Morpheus::Cli::Roles
             access: get_access_string(it['access']),
           }
         end
+        if options[:sort]
+          rows.sort! {|a,b| a[options[:sort]] <=> b[options[:sort]] }
+        end
+        if options[:direction] == 'desc'
+          rows.reverse!
+        end
+        if options[:phrase]
+          phrase_regexp = /#{Regexp.escape(options[:phrase])}/i
+          rows = rows.select {|row| row[:code].to_s =~ phrase_regexp || row[:name].to_s =~ phrase_regexp }
+        end
         print as_pretty_table(rows, [:code, :name, :access], options)
       else
-        puts "Use --permissions to list permissions"
-      end
-
-      print_h2 "Group Access", options
+        print cyan,"Use --permissions to list permissions","\n"
+      end
+
+      print_h2 "Global Access", options
+      # role_access_rows = [
+      #   {name: "Groups", access: get_access_string(json_response['globalSiteAccess']) },
+      #   {name: "Clouds", access: get_access_string(json_response['globalZoneAccess']) },
+      #   {name: "Instance Types", access: get_access_string(json_response['globalInstanceTypeAccess']) },
+      #   {name: "Blueprints", access: get_access_string(json_response['globalAppTemplateAccess'] || json_response['globalBlueprintAccess']) }
+      # ]
+      # puts as_pretty_table(role_access_rows, [:name, :access], options)
+      puts as_pretty_table([json_response], [
+        {"Groups" => lambda {|it| get_access_string(it['globalSiteAccess']) } },
+        {"Clouds" => lambda {|it| get_access_string(it['globalZoneAccess']) } },
+        {"Instance Types" => lambda {|it| get_access_string(it['globalInstanceTypeAccess']) } },
+        {"Blueprints" => lambda {|it| get_access_string(it['globalAppTemplateAccess'] || it['globalBlueprintAccess']) } },
+      ], options)
+
+      #print_h2 "Group Access: #{get_access_string(json_response['globalSiteAccess'])}", options
       print cyan
-      puts "Global Group Access: #{get_access_string(json_response['globalSiteAccess'])}\n\n"
       if json_response['globalSiteAccess'] == 'custom'
+        print_h2 "Group Access", options
         if options[:include_group_access]
           rows = json_response['sites'].collect do |it|
             {
@@ -223,14 +246,18 @@ class Morpheus::Cli::Roles
           end
           print as_pretty_table(rows, [:name, :access], options)
         else
-          puts "Use --group-access to list custom access"
+          print cyan,"Use -g, --group-access to list custom access","\n"
         end
+      else
+        # print "\n"
+        # print cyan,bold,"Group Access: #{get_access_string(json_response['globalSiteAccess'])}",reset,"\n"
       end
-
-      print_h2 "Cloud Access", options
+      
       print cyan
-      puts "Global Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}\n\n"
+      #puts "Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}"
+      #print "\n"
       if json_response['globalZoneAccess'] == 'custom'
+        print_h2 "Cloud Access", options
         if options[:include_cloud_access]
           rows = json_response['zones'].collect do |it|
             {
@@ -240,14 +267,18 @@ class Morpheus::Cli::Roles
           end
           print as_pretty_table(rows, [:name, :access], options)
         else
-          puts "Use --cloud-access to list custom access"
+          print cyan,"Use -c, --cloud-access to list custom access","\n"
         end
+      else
+        # print "\n"
+        # print cyan,bold,"Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}",reset,"\n"
       end
 
-      print_h2 "Instance Type Access", options
       print cyan
-      puts "Global Instance Type Access: #{get_access_string(json_response['globalInstanceTypeAccess'])}\n\n"
+      # puts "Instance Type Access: #{get_access_string(json_response['globalInstanceTypeAccess'])}"
+      # print "\n"
       if json_response['globalInstanceTypeAccess'] == 'custom'
+        print_h2 "Instance Type Access", options
         if options[:include_instance_type_access]
           rows = json_response['instanceTypePermissions'].collect do |it|
             {
@@ -257,16 +288,20 @@ class Morpheus::Cli::Roles
           end
           print as_pretty_table(rows, [:name, :access], options)
         else
-          puts "Use --instance-type-access to list custom access"
+          print cyan,"Use -i, --instance-type-access to list custom access","\n"
         end
+      else
+        # print "\n"
+        # print cyan,bold,"Instance Type Access: #{get_access_string(json_response['globalInstanceTypeAccess'])}",reset,"\n"
       end
 
       blueprint_global_access = json_response['globalAppTemplateAccess'] || json_response['globalBlueprintAccess']
       blueprint_permissions = json_response['appTemplatePermissions'] || json_response['blueprintPermissions'] || []
-      print_h2 "Blueprint Access", options
       print cyan
-      puts "Global Blueprint Access: #{get_access_string(json_response['globalAppTemplateAccess'])}\n\n"
+      # print_h2 "Blueprint Access: #{get_access_string(json_response['globalAppTemplateAccess'])}", options
+      # print "\n"
       if blueprint_global_access == 'custom'
+        print_h2 "Blueprint Access", options
         if options[:include_blueprint_access]
           rows = blueprint_permissions.collect do |it|
             {
@@ -276,8 +311,11 @@ class Morpheus::Cli::Roles
           end
           print as_pretty_table(rows, [:name, :access], options)
         else
-          puts "Use --blueprint-access to list custom access"
+          print cyan,"Use -b, --blueprint-access to list custom access","\n"
         end
+      else
+        # print "\n"
+        # print cyan,bold,"Blueprint Access: #{get_access_string(json_response['globalAppTemplateAccess'])}",reset,"\n"
       end
 
       print reset,"\n"
@@ -292,7 +330,7 @@ class Morpheus::Cli::Roles
     options = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
       opts.banner = subcommand_usage("[role]")
-      build_common_options(opts, options, [:json, :yaml, :csv, :fields, :dry_run, :remote])
+      build_common_options(opts, options, [:list, :json, :yaml, :csv, :fields, :dry_run, :remote])
       opts.footer = "List the permissions for a role.\n" +
                     "[role] is required. This is the name or id of a role."
     end
@@ -358,9 +396,19 @@ class Morpheus::Cli::Roles
             access: get_access_string(it['access']),
           }
         end
+        if options[:sort]
+          rows.sort! {|a,b| a[options[:sort]] <=> b[options[:sort]] }
+        end
+        if options[:direction] == 'desc'
+          rows.reverse!
+        end
+        if options[:phrase]
+          phrase_regexp = /#{Regexp.escape(options[:phrase])}/i
+          rows = rows.select {|row| row[:code].to_s =~ phrase_regexp || row[:name].to_s =~ phrase_regexp }
+        end
         print as_pretty_table(rows, [:code, :name, :access], options)
       else
-        puts "No permissions found?"
+        puts "No permissions found"
       end
 
       print reset,"\n"
@@ -376,12 +424,17 @@ class Morpheus::Cli::Roles
     options = {}
     params = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[options]")
+      opts.banner = subcommand_usage("[name] [options]")
       build_option_type_options(opts, options, add_role_option_types)
       build_common_options(opts, options, [:options, :payload, :json, :dry_run, :remote])
     end
     optparse.parse!(args)
-
+    if args.count > 1
+      raise_command_error "wrong number of arguments, expected 0-1 and got (#{args.count}) #{args}\n#{optparse}"
+    end
+    if args[0]
+      options[:options]['authority'] = args[0]
+    end
     connect(options)
     begin
 
@@ -425,6 +478,10 @@ class Morpheus::Cli::Roles
           if role_payload['roleType'] == 'user'
             v_prompt = Morpheus::Cli::OptionTypes.prompt([{'fieldName' => 'multitenant', 'fieldLabel' => 'Multitenant', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'A Multitenant role is automatically copied into all existing subaccounts as well as placed into a subaccount when created. Useful for providing a set of predefined roles a Customer can use', 'displayOrder' => 5}], options[:options])
             role_payload['multitenant'] = ['on','true'].include?(v_prompt['multitenant'].to_s)
+            if role_payload['multitenant']
+              v_prompt = Morpheus::Cli::OptionTypes.prompt([{'fieldName' => 'multitenantLocked', 'fieldLabel' => 'Multitenant Locked', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'Prevents subtenants from branching off this role/modifying it. '}], options[:options])
+              role_payload['multitenantLocked'] = ['on','true'].include?(v_prompt['multitenantLocked'].to_s)
+            end
           end
         end
 
@@ -505,10 +562,10 @@ class Morpheus::Cli::Roles
         params.deep_merge!(passed_options)
         prompt_option_types = update_role_option_types()
         if !@is_master_account
-          prompt_option_types = prompt_option_types.reject {|it| ['roleType', 'multitenant'].include?(it['fieldName']) }
+          prompt_option_types = prompt_option_types.reject {|it| ['roleType', 'multitenant','multitenantLocked'].include?(it['fieldName']) }
         end
         if role['roleType'] != 'user'
-          prompt_option_types = prompt_option_types.reject {|it| ['multitenant'].include?(it['fieldName']) }
+          prompt_option_types = prompt_option_types.reject {|it| ['multitenant','multitenantLocked'].include?(it['fieldName']) }
         end
         #params = Morpheus::Cli::OptionTypes.prompt(prompt_option_types, options[:options], @api_client, options[:params])
 
@@ -1265,9 +1322,7 @@ class Morpheus::Cli::Roles
       {'fieldName' => 'roleType', 'fieldLabel' => 'Role Type', 'type' => 'select', 'selectOptions' => [{'name' => 'User Role', 'value' => 'user'}, {'name' => 'Account Role', 'value' => 'account'}], 'defaultValue' => 'user', 'displayOrder' => 3},
       {'fieldName' => 'baseRole', 'fieldLabel' => 'Copy From Role', 'type' => 'text', 'displayOrder' => 4},
       {'fieldName' => 'multitenant', 'fieldLabel' => 'Multitenant', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'A Multitenant role is automatically copied into all existing subaccounts as well as placed into a subaccount when created. Useful for providing a set of predefined roles a Customer can use', 'displayOrder' => 5},
-      # {'fieldName' => 'instanceLimits.maxStorage', 'fieldLabel' => 'Max Storage (bytes)', 'type' => 'text', 'displayOrder' => 8},
-      # {'fieldName' => 'instanceLimits.maxMemory', 'fieldLabel' => 'Max Memory (bytes)', 'type' => 'text', 'displayOrder' => 9},
-      # {'fieldName' => 'instanceLimits.maxCpu', 'fieldLabel' => 'CPU Count', 'type' => 'text', 'displayOrder' => 10},
+      {'fieldName' => 'multitenantLocked', 'fieldLabel' => 'Multitenant Locked', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'Prevents subtenants from branching off this role/modifying it. ', 'displayOrder' => 6}
     ]
   end