morpheus-cli 5.0.0 → 5.2.2

data/lib/morpheus/cli/remote.rb

@@ -23,6 +23,8 @@ class Morpheus::Cli::Remote
 
   set_default_subcommand :list
 
+  set_subcommands_hidden :setup # this is going away too
+
   def initialize()
     @appliance_name, @appliance_url = Morpheus::Cli::Remote.active_appliance
   end
@@ -595,7 +597,7 @@ EOT
     if args.count != 0
       raise_command_error "wrong number of arguments, expected 0-1 and got (#{args.count}) #{args.join(' ')}\n#{optparse}"
     end
-    connect(options) # needed?
+    #connect(options) # needed?
     _check_all_appliances(options)
   end
   
@@ -826,6 +828,12 @@ EOT
         options[:do_offline] = true
       end
       build_common_options(opts, options, [:json,:yaml,:csv,:fields, :quiet])
+      opts.footer = <<-EOT
+Print details about the a remote appliance.
+[name] is optional. This is the name of a remote. 
+By default, the current appliance is used.
+Returns an error if the specified remote is not found, or there is no current remote.
+EOT
     end
     optparse.parse!(args)
     id_list = nil
@@ -843,7 +851,16 @@ EOT
 
   def _get(appliance_name, options)
     exit_code, err = 0, nil
-    
+    if appliance_name == 'current'
+      current_appliance = ::Morpheus::Cli::Remote.load_active_remote()
+      if current_appliance.nil?
+        #raise_command_error "No current appliance, see the command `remote use`"
+        unless options[:quiet]
+          print yellow, "No current appliance, see the command `remote use`", reset, "\n"
+        end
+        return 1, "No current appliance"
+      end
+    end
     appliance = load_remote_by_name(appliance_name)
     appliance_name = appliance[:name]
     appliance_url = appliance[:url]
@@ -1039,15 +1056,14 @@ EOT
       end
       build_common_options(opts, options, [:quiet])
       opts.footer = <<-EOT
-[name] is required. This is the name of a remote, see the command `remote list`.
+[name] is required. This is the name of a remote to begin using.
 Start using a remote, making it the active (current) remote appliance.
 This switches the remote context of your client configuration for all subsequent commands.
-So rely on 'remote use' with caution.
 It is important to always be aware of the context your commands are running in.
 The command `remote current` will return the current remote information.
-Also, instead of using an active remote, the -r option can be specified in your commands.
+Instead of using an active remote, the -r option can be specified with each command.
 
-It is recommeneded to set a custom prompt to show the remote name.
+It is recommeneded to set a custom prompt to show the current remote name.
 For example, add the following to your .morpheusrc file:
 
   # set your shell prompt to display the current username and remote
@@ -1155,13 +1171,22 @@ EOT
     end
     optparse.parse!(args)
     verify_args!(args:args, count:0, optparse:optparse)
-    connect(options)
+    #connect(options)
+
+    current_appliance = ::Morpheus::Cli::Remote.load_active_remote()
+    if current_appliance.nil?
+      #raise_command_error "No current appliance, see the command `remote use`"
+      unless options[:quiet]
+        print yellow, "No current appliance, see the command `remote use`", reset, "\n"
+      end
+      return 1, "No current appliance"
+    end
 
     # this does the same thing
     #return _get("current", options)
-
-    # appliance = load_remote_by_name("current")
-    appliance = @remote_appliance
+    appliance = current_appliance
+    #appliance = load_remote_by_name("current")
+    #appliance = @remote_appliance
     exit_code, err = 0, nil
     if appliance.nil?
       raise_command_error "no current remote appliance, see command `remote add`."

data/lib/morpheus/cli/reports_command.rb

@@ -15,7 +15,10 @@ class Morpheus::Cli::ReportsCommand
     @reports_interface = @api_client.reports
   end
 
-  register_subcommands :list, :get, :run, :view, :export, :remove, :types
+  register_subcommands :list, :get, :run, :view, :export, :remove
+  register_subcommands :'list-types' => :list_types
+  register_subcommands :'get-type' => :get_type
+  alias_subcommand :types, :'list-types'
   
   def default_refresh_interval
     5
@@ -271,10 +274,10 @@ class Morpheus::Cli::ReportsCommand
 
         # Report Types tell us what the available filters are...
         report_option_types = report_type['optionTypes'] || []
-        report_option_types = report_option_types.collect {|it|
-          it['fieldContext'] = nil
-          it
-        }
+        # report_option_types = report_option_types.collect {|it|
+        #   it['fieldContext'] = nil
+        #   it
+        # }
         # pluck out optionTypes like the UI does..
         metadata_option_type = nil
         if report_option_types.find {|it| it['fieldName'] == 'metadata' }
@@ -284,6 +287,13 @@ class Morpheus::Cli::ReportsCommand
         v_prompt = Morpheus::Cli::OptionTypes.prompt(report_option_types, options[:options], @api_client)
         payload.deep_merge!({'report' => v_prompt}) unless v_prompt.empty?
 
+        # strip out fieldContext: 'config' please
+        # just report.startDate instead of report.config.startDate
+        if payload['report']['config'].is_a?(Hash)
+          payload['report']['config']
+          payload['report'].deep_merge!(payload['report'].delete('config'))
+        end
+
         if metadata_option_type
           if !options[:options]['metadata']
             metadata_filter = prompt_metadata(options)
@@ -466,33 +476,30 @@ class Morpheus::Cli::ReportsCommand
     end
   end
 
-  def types(args)
+  def list_types(args)
+    params = {}
     options = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
       opts.banner = subcommand_usage()
-      build_common_options(opts, options, [:list, :json, :dry_run, :remote])
+      build_standard_list_options(opts, options)
       opts.footer = "List report types."
     end
     optparse.parse!(args)
+    if args.count > 0
+      options[:phrase] = args.join(" ")
+    end
     connect(options)
-    begin
-      params = {}
-      params.merge!(parse_list_options(options))
-      
-      @reports_interface.setopts(options)
-      if options[:dry_run]
-        print_dry_run @reports_interface.dry.types(params)
-        return
-      end
-
-      json_response = @reports_interface.types(params)
-      if options[:json]
-        print JSON.pretty_generate(json_response)
-        print "\n"
-        return
-      end
-      
+    params.merge!(parse_list_options(options))
+    
+    @reports_interface.setopts(options)
+    if options[:dry_run]
+      print_dry_run @reports_interface.dry.types(params)
+      return
+    end
 
+    json_response = @reports_interface.types(params)
+    report_types = json_response['reportTypes']
+    render_response(json_response, options, 'reportTypes') do
       title = "Morpheus Report Types"
       subtitles = []
       subtitles += parse_list_subtitles(options)
@@ -520,13 +527,75 @@ class Morpheus::Cli::ReportsCommand
         end
       end
       print reset,"\n"
-      return 0
-    rescue RestClient::Exception => e
-      print_rest_exception(e, options)
-      exit 1
+    end
+    if report_types.empty?
+      return 1, "no report types found"
+    else
+      return 0, nil
     end
   end
 
+  def get_type(args)
+    params = {}
+    options = {}
+    optparse = Morpheus::Cli::OptionParser.new do |opts|
+      opts.banner = subcommand_usage()
+      build_standard_get_options(opts, options)
+      opts.footer = <<-EOT
+Get report type
+[name] is required. This is the name of a report type
+EOT
+    end
+    optparse.parse!(args)
+    connect(options)
+    verify_args!(args:args, optparse:optparse, min:1)
+    params.merge!(parse_query_options(options))
+    params['name'] = args.join(" ")
+    @reports_interface.setopts(options)
+    if options[:dry_run]
+      print_dry_run @reports_interface.dry.types(params)
+      return
+    end
+    
+    # json_response = @reports_interface.types(params)
+    # api does not have a show() action right now... so find by code or name only
+    report_type = find_report_type_by_name_or_code_id(params['name'])
+    return 1 if report_type.nil?
+    
+    # json_response = @reports_interface.get_type(report_type['id'])
+    # report_type = json_response['reportType']
+    json_response = {'reportType' => report_type}
+    render_response(json_response, options, 'reportType') do
+      print_h1 "Report Type Details", [], options
+      
+      description_cols = {
+        "ID" => 'id',
+        "Name" => 'name',
+        "Code" => 'code',
+        "Description" => 'description',
+        "Category" => 'category'
+      }
+      print_description_list(description_cols, report_type)
+
+      print_h2 "Option Types", options
+      opt_columns = [
+        {"ID" => lambda {|it| it['id'] } },
+        {"NAME" => lambda {|it| it['name'] } },
+        {"TYPE" => lambda {|it| it['type'] } },
+        {"FIELD NAME" => lambda {|it| it['fieldName'] } },
+        {"FIELD LABEL" => lambda {|it| it['fieldLabel'] } },
+        {"DEFAULT" => lambda {|it| it['defaultValue'] } },
+        {"REQUIRED" => lambda {|it| format_boolean it['required'] } },
+      ]
+      option_types = report_type['optionTypes']
+      sorted_option_types = (option_types && option_types[0] && option_types[0]['displayOrder']) ? option_types.sort { |x,y| x['displayOrder'].to_i <=> y['displayOrder'].to_i } : option_types
+      print as_pretty_table(sorted_option_types, opt_columns)
+
+      print reset,"\n"
+    end
+    return 0, nil
+    
+  end
 
   def find_report_result_by_id(id)
     begin
@@ -551,7 +620,7 @@ class Morpheus::Cli::ReportsCommand
   end
 
   def find_report_type_by_id(id)
-    @all_report_types ||= @reports_interface.list({max: 1000})['reportTypes'] || []
+    @all_report_types ||= @reports_interface.types({max: 10000})['reportTypes'] || []
     report_types = @all_report_types.select { |it| id && it['id'] == id.to_i }
     if report_types.empty?
       print_red_alert "Report Type not found by id #{id}"
@@ -570,7 +639,7 @@ class Morpheus::Cli::ReportsCommand
   end
 
   def find_report_type_by_name_or_code(name)
-    @all_report_types ||= @reports_interface.list({max: 1000})['reportTypes'] || []
+    @all_report_types ||= @reports_interface.types({max: 10000})['reportTypes'] || []
     report_types = @all_report_types.select { |it| name && it['code'] == name || it['name'] == name }
     if report_types.empty?
       print_red_alert "Report Type not found by code #{name}"

data/lib/morpheus/cli/roles.rb

@@ -211,56 +211,70 @@ EOT
         print cyan,"Use --permissions to list permissions","\n"
       end
 
+      has_group_access = true
+      has_cloud_access = true
       print_h2 "Global Access", options
-      puts as_pretty_table([json_response], [
-        {"Groups" => lambda {|it| get_access_string(it['globalSiteAccess']) } },
-        {"Clouds" => lambda {|it| get_access_string(it['globalZoneAccess']) } },
-        {"Instance Types" => lambda {|it| get_access_string(it['globalInstanceTypeAccess']) } },
-        {"Blueprints" => lambda {|it| get_access_string(it['globalAppTemplateAccess'] || it['globalBlueprintAccess']) } },
-        {"Catalog Item Types" => lambda {|it| get_access_string(it['globalCatalogItemTypeAccess']) } },
-      ], options)
-
-      #print_h2 "Group Access: #{get_access_string(json_response['globalSiteAccess'])}", options
-      print cyan
-      if json_response['globalSiteAccess'] == 'custom'
-        print_h2 "Group Access", options
-        if options[:include_group_access]
-          rows = json_response['sites'].collect do |it|
-            {
-              name: it['name'],
-              access: format_access_string(it['access'], ["none","read","full"]),
-            }
+      global_access_columns = {
+        "Groups" => lambda {|it| get_access_string(it['globalSiteAccess']) },
+        "Clouds" => lambda {|it| get_access_string(it['globalZoneAccess']) },
+        "Instance Types" => lambda {|it| get_access_string(it['globalInstanceTypeAccess']) },
+        "Blueprints" => lambda {|it| get_access_string(it['globalAppTemplateAccess'] || it['globalBlueprintAccess']) },
+        "Catalog Item Types" => lambda {|it| get_access_string(it['globalCatalogItemTypeAccess']) },
+      }
+      if role['roleType'].to_s.downcase == 'account'
+        global_access_columns.delete("Groups")
+        has_group_access = false
+      else
+        global_access_columns.delete("Clouds")
+        has_cloud_access = false
+      end
+      puts as_pretty_table([json_response], global_access_columns, options)
+
+      if has_group_access
+        #print_h2 "Group Access: #{get_access_string(json_response['globalSiteAccess'])}", options
+        print cyan
+        if json_response['globalSiteAccess'] == 'custom'
+          print_h2 "Group Access", options
+          if options[:include_group_access]
+            rows = json_response['sites'].collect do |it|
+              {
+                name: it['name'],
+                access: format_access_string(it['access'], ["none","read","full"]),
+              }
+            end
+            print as_pretty_table(rows, [:name, :access], options)
+          else
+            print cyan,"Use -g, --group-access to list custom access","\n"
           end
-          print as_pretty_table(rows, [:name, :access], options)
+          print reset,"\n"
         else
-          print cyan,"Use -g, --group-access to list custom access","\n"
+          # print "\n"
+          # print cyan,bold,"Group Access: #{get_access_string(json_response['globalSiteAccess'])}",reset,"\n"
         end
-        print reset,"\n"
-      else
-        # print "\n"
-        # print cyan,bold,"Group Access: #{get_access_string(json_response['globalSiteAccess'])}",reset,"\n"
       end
       
-      print cyan
-      #puts "Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}"
-      #print "\n"
-      if json_response['globalZoneAccess'] == 'custom'
-        print_h2 "Cloud Access", options
-        if options[:include_cloud_access]
-          rows = json_response['zones'].collect do |it|
-            {
-              name: it['name'],
-              access: format_access_string(it['access'], ["none","read","full"]),
-            }
+      if has_cloud_access
+        print cyan
+        #puts "Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}"
+        #print "\n"
+        if json_response['globalZoneAccess'] == 'custom'
+          print_h2 "Cloud Access", options
+          if options[:include_cloud_access]
+            rows = json_response['zones'].collect do |it|
+              {
+                name: it['name'],
+                access: format_access_string(it['access'], ["none","read","full"]),
+              }
+            end
+            print as_pretty_table(rows, [:name, :access], options)
+          else
+            print cyan,"Use -c, --cloud-access to list custom access","\n"
           end
-          print as_pretty_table(rows, [:name, :access], options)
+          print reset,"\n"
         else
-          print cyan,"Use -c, --cloud-access to list custom access","\n"
+          # print "\n"
+          # print cyan,bold,"Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}",reset,"\n"
         end
-        print reset,"\n"
-      else
-        # print "\n"
-        # print cyan,bold,"Cloud Access: #{get_access_string(json_response['globalZoneAccess'])}",reset,"\n"
       end
 
       print cyan
@@ -326,7 +340,7 @@ EOT
           end
           print as_pretty_table(rows, [:name, :access], options)
         else
-          print cyan,"Use -b, --catalog-item-type-access to list custom access","\n"
+          print cyan,"Use --catalog-item-type-access to list custom access","\n"
         end
       else
         # print "\n"
@@ -335,7 +349,8 @@ EOT
       
 
       persona_permissions = json_response['personaPermissions'] || json_response['personas'] || []
-      if options[:include_catalog_item_types_access]
+      # if options[:include_personas_access]
+      if persona_permissions
         print_h2 "Persona Access", options
         rows = persona_permissions.collect do |it|
           {
@@ -552,7 +567,7 @@ EOT
     options = {}
     params = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name] [options]")
+      opts.banner = subcommand_usage("[role] [options]")
       build_option_type_options(opts, options, update_role_option_types)
       build_common_options(opts, options, [:options, :payload, :json, :dry_run, :remote])
     end
@@ -630,7 +645,7 @@ EOT
   def remove(args)
     options = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name]")
+      opts.banner = subcommand_usage("[role]")
       build_common_options(opts, options, [:auto_confirm, :json, :dry_run, :remote])
     end
     optparse.parse!(args)
@@ -770,41 +785,46 @@ EOT
     group_name = nil
     access_value = nil
     do_all = false
+    allowed_access_values = ['full', 'read', 'none']
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name]")
+      opts.banner = subcommand_usage("[role] [group] [access]")
       opts.on( '-g', '--group GROUP', "Group name or id" ) do |val|
         group_name = val
       end
       opts.on( nil, '--all', "Update all groups at once." ) do
         do_all = true
       end
-      opts.on( '--access VALUE', String, "Access value [full|read|none]" ) do |val|
+      opts.on( '--access VALUE', String, "Access value [#{allowed_access_values.join('|')}]" ) do |val|
         access_value = val
       end
       build_common_options(opts, options, [:json, :dry_run, :remote])
       opts.footer = "Update role access for a group or all groups.\n" +
-                    "[name] is required. This is the name or id of a role.\n" + 
+                    "[role] is required. This is the name or id of a role.\n" + 
                     "--group or --all is required. This is the name or id of a group.\n" + 
-                    "--access is required. This is the new access value."
+                    "--access is required. This is the new access value. #{anded_list(allowed_access_values)}"
     end
     optparse.parse!(args)
-    if args.count < 1
-      puts optparse
-      return 1
-    end
-    name = args[0]
-    # support old usage: [name] [group] [access]
-    group_name ||= args[1]
-    access_value ||= args[2]
 
-    if (!group_name && !do_all) || !access_value
-      puts optparse
-      return 1
+    # usage: update-group-access [role] [access] --all
+    #        update-group-access [role] [group] [access]
+    name = args[0]
+    if do_all
+      verify_args!(args:args, optparse:optparse, min:1, max:2)
+      access_value = args[1] if args[1]
+    else
+      verify_args!(args:args, optparse:optparse, min:1, max:3)
+      group_id = args[1] if args[1]
+      access_value = args[2] if args[2]
+    end
+    if !group_id && !do_all
+      raise_command_error("missing required argument: [group] or --all", optparse)
+    end
+    if !access_value
+      raise_command_error("missing required argument: [access]", optparse)
     end
-    
     access_value = access_value.to_s.downcase
-
-    if !['full', 'read', 'none'].include?(access_value)
+    if !allowed_access_values.include?(access_value)
+      raise_command_error("invalid access value: #{access_value}", optparse)
       puts optparse
       return 1
     end
@@ -915,6 +935,7 @@ EOT
     cloud_name = nil
     access_value = nil
     do_all = false
+    allowed_access_values = ['full', 'read', 'none']
     optparse = Morpheus::Cli::OptionParser.new do |opts|
       opts.banner = subcommand_usage("[name]")
       opts.on( '-c', '--cloud CLOUD', "Cloud name or id" ) do |val|
@@ -924,7 +945,7 @@ EOT
       opts.on( nil, '--all', "Update all clouds at once." ) do
         do_all = true
       end
-      opts.on( '--access VALUE', String, "Access value [full|read|none]" ) do |val|
+      opts.on( '--access VALUE', String, "Access value [#{allowed_access_values.join('|')}]" ) do |val|
         access_value = val
       end
       opts.on( '-g', '--group GROUP', "Group to find cloud in" ) do |val|
@@ -932,32 +953,34 @@ EOT
       end
       build_common_options(opts, options, [:json, :dry_run, :remote])
       opts.footer = "Update role access for a cloud or all clouds.\n" +
-                    "[name] is required. This is the name or id of a role.\n" + 
+                    "[role] is required. This is the name or id of a role.\n" + 
                     "--cloud or --all is required. This is the name or id of a cloud.\n" + 
-                    "--access is required. This is the new access value."
+                    "--access is required. This is the new access value. #{anded_list(allowed_access_values)}"
     end
     optparse.parse!(args)
 
-    if args.count < 1
-      puts optparse
-      return 1
-    end
+    # usage: update-cloud-access [role] [access] --all
+    #        update-cloud-access [role] [cloud] [access]
     name = args[0]
-    # support old usage: [name] [cloud] [access]
-    cloud_name ||= args[1]
-    access_value ||= args[2]
-
-    if (!cloud_name && !do_all) || !access_value
-      puts optparse
-      return 1
+    if do_all
+      verify_args!(args:args, optparse:optparse, min:1, max:2)
+      access_value = args[1] if args[1]
+    else
+      verify_args!(args:args, optparse:optparse, min:1, max:3)
+      cloud_id = args[1] if args[1]
+      access_value = args[2] if args[2]
+    end
+    if !cloud_id && !do_all
+      raise_command_error("missing required argument: [cloud] or --all", optparse)
+    end
+    if !access_value
+      raise_command_error("missing required argument: [access]", optparse)
     end
-    puts "cloud_name is : #{cloud_name}"
-    puts "access_value is : #{access_value}"
     access_value = access_value.to_s.downcase
-
-    if !['full', 'none'].include?(access_value)
+    if !allowed_access_values.include?(access_value)
+      raise_command_error("invalid access value: #{access_value}", optparse)
       puts optparse
-      exit 1
+      return 1
     end
 
     connect(options)
@@ -1025,10 +1048,10 @@ EOT
   end
 
   def update_global_instance_type_access(args)
-    usage = "Usage: morpheus roles update-global-instance-type-access [name] [full|custom|none]"
+    usage = "Usage: morpheus roles update-global-instance-type-access [role] [full|custom|none]"
     options = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name] [full|custom|none]")
+      opts.banner = subcommand_usage("[role] [full|custom|none]")
       build_common_options(opts, options, [:json, :dry_run, :remote])
     end
     optparse.parse!(args)
@@ -1077,22 +1100,23 @@ EOT
     instance_type_name = nil
     access_value = nil
     do_all = false
+    allowed_access_values = ['full', 'none']
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name]")
+      opts.banner = subcommand_usage("[role] [type] [access]")
       opts.on( '--instance-type INSTANCE_TYPE', String, "Instance Type name" ) do |val|
         instance_type_name = val
       end
       opts.on( nil, '--all', "Update all instance types at once." ) do
         do_all = true
       end
-      opts.on( '--access VALUE', String, "Access value [full|read|none]" ) do |val|
+      opts.on( '--access VALUE', String, "Access value [#{allowed_access_values.join('|')}]" ) do |val|
         access_value = val
       end
       build_common_options(opts, options, [:json, :dry_run, :remote])
       opts.footer = "Update role access for an instance type or all instance types.\n" +
-                    "[name] is required. This is the name or id of a role.\n" + 
+                    "[role] is required. This is the name or id of a role.\n" + 
                     "--instance-type or --all is required. This is the name of an instance type.\n" + 
-                    "--access is required. This is the new access value."
+                    "--access is required. This is the new access value. #{anded_list(allowed_access_values)}"
     end
     optparse.parse!(args)
 
@@ -1101,7 +1125,7 @@ EOT
       return 1
     end
     name = args[0]
-    # support old usage: [name] [instance-type] [access]
+    # support old usage: [role] [instance-type] [access]
     instance_type_name ||= args[1]
     access_value ||= args[2]
 
@@ -1170,10 +1194,10 @@ EOT
   end
 
   def update_global_blueprint_access(args)
-    usage = "Usage: morpheus roles update-global-blueprint-access [name] [full|custom|none]"
+    usage = "Usage: morpheus roles update-global-blueprint-access [role] [full|custom|none]"
     options = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name] [full|custom|none]")
+      opts.banner = subcommand_usage("[role] [full|custom|none]")
       build_common_options(opts, options, [:json, :dry_run, :remote])
     end
     optparse.parse!(args)
@@ -1222,42 +1246,46 @@ EOT
     blueprint_id = nil
     access_value = nil
     do_all = false
+    allowed_access_values = ['full', 'none']
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name]")
+      opts.banner = subcommand_usage("[role] [blueprint] [access]")
       opts.on( '--blueprint ID', String, "Blueprint ID or Name" ) do |val|
         blueprint_id = val
       end
       opts.on( nil, '--all', "Update all blueprints at once." ) do
         do_all = true
       end
-      opts.on( '--access VALUE', String, "Access value [full|read|none]" ) do |val|
+      opts.on( '--access VALUE', String, "Access value [#{allowed_access_values.join('|')}]" ) do |val|
         access_value = val
       end
       build_common_options(opts, options, [:json, :dry_run, :remote])
       opts.footer = "Update role access for an blueprint or all blueprints.\n" +
-                    "[name] is required. This is the name or id of a role.\n" + 
+                    "[role] is required. This is the name or id of a role.\n" + 
                     "--blueprint or --all is required. This is the name or id of a blueprint.\n" + 
-                    "--access is required. This is the new access value."
+                    "--access is required. This is the new access value. #{anded_list(allowed_access_values)}"
     end
     optparse.parse!(args)
 
-    if args.count < 1
-      puts optparse
-      return 1
-    end
+    # usage: update-blueprint-access [role] [access] --all
+    #        update-blueprint-access [role] [blueprint] [access]
     name = args[0]
-    # support old usage: [name] [blueprint] [access]
-    blueprint_id ||= args[1]
-    access_value ||= args[2]
-
-    if (!blueprint_id && !do_all) || !access_value
-      puts_error optparse
-      return 1
+    if do_all
+      verify_args!(args:args, optparse:optparse, min:1, max:2)
+      access_value = args[1] if args[1]
+    else
+      verify_args!(args:args, optparse:optparse, min:1, max:3)
+      blueprint_id = args[1] if args[1]
+      access_value = args[2] if args[2]
+    end
+    if !blueprint_id && !do_all
+      raise_command_error("missing required argument: [blueprint] or --all", optparse)
+    end
+    if !access_value
+      raise_command_error("missing required argument: [access]", optparse)
     end
-    
     access_value = access_value.to_s.downcase
-
-    if !['full', 'none'].include?(access_value)
+    if !allowed_access_values.include?(access_value)
+      raise_command_error("invalid access value: #{access_value}", optparse)
       puts optparse
       return 1
     end
@@ -1327,10 +1355,10 @@ EOT
   end
 
   def update_global_catalog_item_type_access(args)
-    usage = "Usage: morpheus roles update-global-catalog-item-type-access [name] [full|custom|none]"
+    usage = "Usage: morpheus roles update-global-catalog-item-type-access [role] [full|custom|none]"
     options = {}
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name] [full|custom|none]")
+      opts.banner = subcommand_usage("[role] [full|custom|none]")
       build_common_options(opts, options, [:json, :dry_run, :remote])
     end
     optparse.parse!(args)
@@ -1379,42 +1407,46 @@ EOT
     catalog_item_type_id = nil
     access_value = nil
     do_all = false
+    allowed_access_values = ['full', 'none']
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name]")
+      opts.banner = subcommand_usage("[role] [catalog-item-type] [access]")
       opts.on( '--catalog-item-type ID', String, "Catalog Item Type ID or Name" ) do |val|
         catalog_item_type_id = val
       end
       opts.on( nil, '--all', "Update all catalog item types at once." ) do
         do_all = true
       end
-      opts.on( '--access VALUE', String, "Access value [full|none]" ) do |val|
+      opts.on( '--access VALUE', String, "Access value [#{allowed_access_values.join('|')}]" ) do |val|
         access_value = val
       end
       build_common_options(opts, options, [:json, :dry_run, :remote])
       opts.footer = "Update role access for an catalog item type or all types.\n" +
-                    "[name] is required. This is the name or id of a role.\n" + 
+                    "[role] is required. This is the name or id of a role.\n" + 
                     "--catalog-item-type or --all is required. This is the name or id of a catalog item type.\n" + 
-                    "--access is required. This is the new access value."
+                    "--access is required. This is the new access value. #{anded_list(allowed_access_values)}"
     end
     optparse.parse!(args)
 
-    if args.count < 1
-      puts optparse
-      return 1
-    end
+    # usage: update-catalog_item_type-access [role] [access] --all
+    #        update-catalog_item_type-access [role] [catalog-item-type] [access]
     name = args[0]
-    # support old usage: [name] [catalog_item_type] [access]
-    catalog_item_type_id ||= args[1]
-    access_value ||= args[2]
-
-    if (!catalog_item_type_id && !do_all) || !access_value
-      puts_error optparse
-      return 1
+    if do_all
+      verify_args!(args:args, optparse:optparse, min:1, max:2)
+      access_value = args[1] if args[1]
+    else
+      verify_args!(args:args, optparse:optparse, min:1, max:3)
+      catalog_item_type_id = args[1] if args[1]
+      access_value = args[2] if args[2]
+    end
+    if !catalog_item_type_id && !do_all
+      raise_command_error("missing required argument: [catalog-item-type] or --all", optparse)
+    end
+    if !access_value
+      raise_command_error("missing required argument: [access]", optparse)
     end
-    
     access_value = access_value.to_s.downcase
-
-    if !['full', 'none'].include?(access_value)
+    if !allowed_access_values.include?(access_value)
+      raise_command_error("invalid access value: #{access_value}", optparse)
       puts optparse
       return 1
     end
@@ -1484,44 +1516,49 @@ EOT
   def update_persona_access(args)
     options = {}
     persona_id = nil
+    name = nil
     access_value = nil
     do_all = false
+    allowed_access_values = ['full', 'none']
     optparse = Morpheus::Cli::OptionParser.new do |opts|
-      opts.banner = subcommand_usage("[name] [serviceCatalog|standard]")
+      opts.banner = subcommand_usage("[role] [persona] [access]")
       opts.on( '--persona CODE', String, "Persona Code" ) do |val|
         persona_id = val
       end
       opts.on( nil, '--all', "Update all personas at once." ) do
         do_all = true
       end
-      opts.on( '--access VALUE', String, "Access value [full|none]" ) do |val|
+      opts.on( '--access VALUE', String, "Access value [#{allowed_access_values.join('|')}]" ) do |val|
         access_value = val
       end
       build_common_options(opts, options, [:json, :dry_run, :remote])
-      opts.footer = "Update role access for an persona or personas.\n" +
-                    "[name] is required. This is the name or id of a role.\n" + 
-                    "--persona or --all is required. This is the code of a persona.\n" + 
-                    "--access is required. This is the new access value."
+      opts.footer = "Update role access for a persona or all personas.\n" +
+                    "[role] is required. This is the name or id of a role.\n" + 
+                    "--persona or --all is required. This is the code of a persona. Service Catalog or Standard\n" + 
+                    "--access is required. This is the new access value. #{anded_list(allowed_access_values)}"
     end
     optparse.parse!(args)
 
-    if args.count < 1
-      puts optparse
-      return 1
-    end
+    # usage: update-persona-access [role] [access] --all
+    #        update-persona-access [role] [persona] [access]
     name = args[0]
-    # support old usage: [name] [persona] [access]
-    persona_id ||= args[1]
-    access_value ||= args[2]
-
-    if (!persona_id && !do_all) || !access_value
-      puts_error optparse
-      return 1
+    if do_all
+      verify_args!(args:args, optparse:optparse, min:1, max:2)
+      access_value = args[1] if args[1]
+    else
+      verify_args!(args:args, optparse:optparse, min:1, max:3)
+      persona_id = args[1] if args[1]
+      access_value = args[2] if args[2]
+    end
+    if !persona_id && !do_all
+      raise_command_error("missing required argument: [persona] or --all", optparse)
+    end
+    if !access_value
+      raise_command_error("missing required argument: [access]", optparse)
     end
-    
     access_value = access_value.to_s.downcase
-
-    if !['full', 'none'].include?(access_value)
+    if !allowed_access_values.include?(access_value)
+      raise_command_error("invalid access value: #{access_value}", optparse)
       puts optparse
       return 1
     end
@@ -1573,12 +1610,13 @@ EOT
   
   def add_role_option_types
     [
-      {'fieldName' => 'authority', 'fieldLabel' => 'Name', 'type' => 'text', 'required' => true, 'displayOrder' => 1},
-      {'fieldName' => 'description', 'fieldLabel' => 'Description', 'type' => 'text', 'displayOrder' => 2},
-      {'fieldName' => 'roleType', 'fieldLabel' => 'Role Type', 'type' => 'select', 'selectOptions' => [{'name' => 'User Role', 'value' => 'user'}, {'name' => 'Account Role', 'value' => 'account'}], 'defaultValue' => 'user', 'displayOrder' => 3},
-      {'fieldName' => 'baseRole', 'fieldLabel' => 'Copy From Role', 'type' => 'text', 'displayOrder' => 4},
-      {'fieldName' => 'multitenant', 'fieldLabel' => 'Multitenant', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'A Multitenant role is automatically copied into all existing subaccounts as well as placed into a subaccount when created. Useful for providing a set of predefined roles a Customer can use', 'displayOrder' => 5},
-      {'fieldName' => 'multitenantLocked', 'fieldLabel' => 'Multitenant Locked', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'Prevents subtenants from branching off this role/modifying it. ', 'displayOrder' => 6}
+      {'fieldName' => 'authority', 'fieldLabel' => 'Name', 'type' => 'text', 'required' => true},
+      {'fieldName' => 'description', 'fieldLabel' => 'Description', 'type' => 'text'},
+      {'fieldName' => 'roleType', 'fieldLabel' => 'Role Type', 'type' => 'select', 'selectOptions' => [{'name' => 'User Role', 'value' => 'user'}, {'name' => 'Account Role', 'value' => 'account'}], 'defaultValue' => 'user'},
+      {'fieldName' => 'baseRole', 'fieldLabel' => 'Copy From Role', 'type' => 'text'},
+      {'fieldName' => 'multitenant', 'fieldLabel' => 'Multitenant', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'A Multitenant role is automatically copied into all existing subaccounts as well as placed into a subaccount when created. Useful for providing a set of predefined roles a Customer can use'},
+      {'fieldName' => 'multitenantLocked', 'fieldLabel' => 'Multitenant Locked', 'type' => 'checkbox', 'defaultValue' => 'off', 'description' => 'Prevents subtenants from branching off this role/modifying it. '},
+      {'fieldName' => 'defaultPersona', 'fieldLabel' => 'Default Persona', 'type' => 'select', 'selectOptions' => [{'name'=>'Service Catalog','value'=>'serviceCatalog'},{'name'=>'Standard','value'=>'standard'}], 'description' => 'Default Persona'}
     ]
   end