td 0.10.36 → 0.10.37

data/ChangeLog

@@ -1,3 +1,28 @@
+
+== 2012-08-06 version 0.10.37
+
+* Added access control
+  * acl:list
+  * acl:grant <subject> <action> <scope>
+  * acl:revoke <subject> <action> <scope>
+* Added multiuser features
+  * org:list
+  * org:show <name>
+  * org:create <name>
+  * org:delete <name>
+  * user:list
+  * user:show <name>
+  * user:create <name>
+  * user:delete <name>
+  * user:apikey:list <name>
+  * role:list
+  * role:show <name>
+  * role:create <name>
+  * role:delete <name>
+  * role:grant <name> <user>
+  * role:revoke <name> <user>
+
+
 == 2012-07-27 version 0.10.36
 
 * More friendly message for 'td account'

data/lib/td/command/acl.rb

@@ -0,0 +1,53 @@
+
+module TreasureData
+module Command
+
+  def acl_list(op)
+    op.cmd_parse
+
+    client = get_client
+
+    acl = client.access_controls
+
+    rows = []
+    acl.each {|ac|
+      rows << {:Subject => ac.subject, :Action => ac.action, :Scope => ac.scope, :"Grant option" => ac.grant_option}
+    }
+
+    puts cmd_render_table(rows, :fields => [:Subject, :Action, :Scope, :"Grant option"])
+
+    if rows.empty?
+      $stderr.puts "There are no access controls."
+      $stderr.puts "Use '#{$prog} acl:grant <subject> <action> <scope>' to grant permissions."
+    end
+  end
+
+  def acl_grant(op)
+    grant_option = true
+
+    op.on('--no-grant-option', '-N', 'Grant without grant option', TrueClass) {|b|
+      grant_option = !b
+    }
+
+    subject, action, scope = op.cmd_parse
+
+    client = get_client
+
+    client.grant_access_control(subject, action, scope, grant_option)
+
+    $stderr.puts "Access control [#{subject} #{action} #{scope}] is created #{grant_option? ? 'with' : 'without'} grant option."
+  end
+
+  def acl_revoke(op)
+    subject, action, scope = op.cmd_parse
+
+    client = get_client
+
+    client.revoke_access_control(subject, action, scope)
+
+    $stderr.puts "Access control [#{subject} #{action} #{scope}] is created."
+  end
+
+  # TODO acl_test
+end
+end

data/lib/td/command/list.rb

@@ -266,6 +266,29 @@ module List
   add_list 'apikey:show', %w[], 'Show Treasure Data API key'
   add_list 'apikey:set', %w[apikey], 'Set Treasure Data API key'
 
+  add_list 'user:list', %w[], 'Show list of users'
+  add_list 'user:show', %w[name], 'Show an user'
+  add_list 'user:create', %w[name], 'Create an user'
+  add_list 'user:delete', %w[name], 'Delete an user'
+  add_list 'user:apikey:list', %w[name], 'Show API keys'
+
+  add_list 'role:list', %w[], 'Show list of roles'
+  add_list 'role:show', %w[name], 'Show a role'
+  add_list 'role:create', %w[name], 'Create a role'
+  add_list 'role:delete', %w[name], 'Delete a role'
+  add_list 'role:grant', %w[name user], 'Grant role to an user'
+  add_list 'role:revoke', %w[name user], 'Revoke role from an user'
+
+  add_list 'org:list', %w[], 'Show list of organizations'
+  add_list 'org:show', %w[name], 'Show an organizations'
+  add_list 'org:create', %w[name], 'Create an organizations'
+  add_list 'org:delete', %w[name], 'Delete an organizations'
+
+  add_list 'acl:list', %w[], 'Show list of access controls'
+  add_list 'acl:grant', %w[subject action scope], 'Grant an access control'
+  add_list 'acl:revoke', %w[subject action scope], 'Revoke an access control'
+  # TODO acl:test
+
   add_list 'aggr:list', %w[], 'Show list of aggregation schemas'
   add_list 'aggr:show', %w[name], 'Describe a aggregation schema'
   add_list 'aggr:create', %w[name relation_key], 'Create a aggregation schema'
@@ -318,6 +341,23 @@ module List
   add_alias 'jobs', 'job:list'
   add_alias 'kill', 'job:kill'
 
+  add_alias 'user', 'user:show'
+  add_alias 'users', 'user:list'
+  add_alias 'user:apikey', 'user:apikey:list'
+  add_alias 'user:apikeys', 'user:apikey:list'
+
+  add_alias 'role', 'role:show'
+  add_alias 'roles', 'role:list'
+
+  add_alias 'org', 'org:show'
+  add_alias 'orgs', 'org:list'
+  add_alias 'organization', 'org:create'
+  add_alias 'organization', 'org:delete'
+  add_alias 'organization', 'org:list'
+
+  add_alias 'acl', 'acl:list'
+  add_alias 'acls', 'acl:list'
+
   add_alias 'aggr', 'aggr:show'
   add_alias 'aggrs', 'aggr:list'
 

data/lib/td/command/org.rb

@@ -0,0 +1,63 @@
+
+module TreasureData
+module Command
+
+  def org_show(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    orgs = client.organizations
+    org = orgs.find {|org| name == org.name }
+    unless org
+      $stderr.puts "Organization '#{name}' does not exist."
+      $stderr.puts "Use '#{$prog} org:create <name>' to create an organization."
+      exit 1
+    end
+
+    $stderr.puts "Name         : #{org.name}"
+  end
+
+  def org_list(op)
+    op.cmd_parse
+
+    client = get_client
+
+    orgs = client.organizations
+
+    rows = []
+    orgs.each {|org|
+      rows << {:Name => org.name}
+    }
+
+    puts cmd_render_table(rows, :fields => [:Name])
+
+    if rows.empty?
+      $stderr.puts "There are no organizations."
+      $stderr.puts "Use '#{$prog} org:create <name>' to create an organization."
+    end
+  end
+
+  def org_create(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    client.create_organization(name)
+
+    $stderr.puts "Organization '#{name}' is created."
+  end
+
+  def org_delete(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    client.delete_organization(name)
+
+    $stderr.puts "Organization '#{name}' is deleted."
+  end
+
+end
+end
+

data/lib/td/command/role.rb

@@ -0,0 +1,91 @@
+
+module TreasureData
+module Command
+
+  def role_show(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    roles = client.roles
+    role = roles.find {|role| name == role.name }
+    unless role
+      $stderr.puts "Role '#{name}' does not exist."
+      $stderr.puts "Use '#{$prog} role:create <name>' to create a role."
+      exit 1
+    end
+
+    $stderr.puts "Name         : #{role.name}"
+    $stderr.puts "Organization : #{role.org_name}"
+    $stderr.puts "Users        : #{role.user_names.join(', ')}"
+  end
+
+  def role_list(op)
+    op.cmd_parse
+
+    client = get_client
+
+    roles = client.roles
+
+    rows = []
+    roles.each {|role|
+      rows << {:Name => role.name, :Organization => role.org_name, :Users => role.user_names.join(',')}
+    }
+
+    puts cmd_render_table(rows, :fields => [:Name, :Organization, :Users])
+
+    if rows.empty?
+      $stderr.puts "There are no roles."
+      $stderr.puts "Use '#{$prog} org:create <name>' to create a role."
+    end
+  end
+
+  def role_create(op)
+    org = nil
+
+    op.on('-g', '--org ORGANIZATION', "create the role under this organization") {|s|
+      org = s
+    }
+
+    name = op.cmd_parse
+
+    client = get_client
+
+    client.create_role(name, org)
+
+    $stderr.puts "Role '#{name}' is created."
+  end
+
+  def role_delete(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    client.delete_role(name)
+
+    $stderr.puts "Role '#{name}' is deleted."
+  end
+
+  def role_grant(op)
+    name, user = op.cmd_parse
+
+    client = get_client
+
+    client.grant_role(name, user)
+
+    $stderr.puts "Role '#{name}' is granted to user '#{user}'."
+  end
+
+  def role_revoke(op)
+    name, user = op.cmd_parse
+
+    client = get_client
+
+    client.revoke_role(name, user)
+
+    $stderr.puts "Role '#{name}' is revoked from user '#{user}'."
+  end
+
+end
+end
+

data/lib/td/command/status.rb

@@ -24,7 +24,7 @@ module Command
 
     s = client.schedules
     s.each {|sched|
-      scheds << {:Name => sched.name, :Cron => sched.cron, :Result => sched.rset_name, :Query => sched.query}
+      scheds << {:Name => sched.name, :Cron => sched.cron, :Result => sched.result_url, :Query => sched.query}
     }
     scheds = scheds.sort_by {|map|
       map[:Name]
@@ -35,7 +35,7 @@ module Command
     j.each {|job|
       start = job.start_at
       elapsed = cmd_format_elapsed(start, job.end_at)
-      jobs << {:JobID => job.job_id, :Status => job.status, :Query => job.query.to_s, :Start => (start ? start.localtime : ''), :Elapsed => elapsed, :Result => job.rset_name}
+      jobs << {:JobID => job.job_id, :Status => job.status, :Query => job.query.to_s, :Start => (start ? start.localtime : ''), :Elapsed => elapsed, :Result => job.result_url}
     }
     x2, y2 = status_render(0, 0, "[Jobs]", jobs, :fields => [:JobID, :Status, :Start, :Elapsed, :Result, :Query])
 
@@ -47,14 +47,14 @@ module Command
     }
     x3, y3 = status_render(0, 0, "[Tables]", tables, :fields => [:Database, :Table, :Count])
 
-    r = client.result_sets
-    r.each {|rset|
-      results << {:Name => rset.name}
+    rs = client.results
+    rs.each {|r|
+      results << {:Name => r.name, :URL => r.url}
     }
     results = results.sort_by {|map|
       map[:Name]
     }
-    x4, y4 = status_render(x3+2, y3, "[Results]", results, :fields => [:Name])
+    x4, y4 = status_render(x3+2, y3, "[Results]", results, :fields => [:Name, :URL])
 
     (y3-y4-1).times do
       print "\eD"

data/lib/td/command/user.rb

@@ -0,0 +1,187 @@
+
+module TreasureData
+module Command
+
+  def user_show(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    users = client.users
+    user = users.find {|user| name == user.name }
+    unless user
+      $stderr.puts "User '#{name}' does not exist."
+      $stderr.puts "Use '#{$prog} user:create <name>' to create an user."
+      exit 1
+    end
+
+    $stderr.puts "Name         : #{user.name}"
+    $stderr.puts "Organization : #{user.org_name}"
+    $stderr.puts "Email        : #{user.email}"
+    $stderr.puts "Roles        : #{user.role_names.join(', ')}"
+  end
+
+  def user_list(op)
+    op.cmd_parse
+
+    client = get_client
+
+    users = client.users
+
+    rows = []
+    users.each {|user|
+      rows << {:Name => user.name, :Organization => user.org_name, :Email => user.email, :Roles => user.role_names.join(',')}
+    }
+
+    puts cmd_render_table(rows, :fields => [:Name, :Organization, :Email, :Roles])
+
+    if rows.empty?
+      $stderr.puts "There are no users."
+      $stderr.puts "Use '#{$prog} user:create <name>' to create an users."
+    end
+  end
+
+  def user_create(op)
+    org = nil
+    email = nil
+    random_password = false
+
+    op.on('-g', '--org ORGANIZATION', "create the user under this organization") {|s|
+      org = s
+    }
+
+    op.on('-e', '--email EMAIL', "Use this email address to identify the user") {|s|
+      email = s
+    }
+
+    op.on('-R', '--random-password', "Generate random password", TrueClass) {|b|
+      random_password = b
+    }
+
+    name = op.cmd_parse
+
+    unless email
+      $stderr.puts "-e, --email EMAIL option is required."
+      exit 1
+    end
+
+    if random_password
+      lower = ('a'..'z').to_a
+      upper = ('A'..'Z').to_a
+      digit = ('0'..'9').to_a
+      symbol = %w[_ @ - + ;]
+
+      r = []
+      3.times { r << lower.sort_by{rand}.first }
+      3.times { r << upper.sort_by{rand}.first }
+      2.times { r << digit.sort_by{rand}.first }
+      1.times { r << symbol.sort_by{rand}.first }
+      password = r.sort_by{rand}.join
+
+      puts "Password: #{password}"
+
+    else
+      3.times do
+        begin
+          system "stty -echo"  # TODO termios
+          print "Password (typing will be hidden): "
+          password = STDIN.gets || ""
+          password = password[0..-2]  # strip \n
+        rescue Interrupt
+          $stderr.print "\ncanceled."
+          exit 1
+        ensure
+          system "stty echo"   # TODO termios
+          print "\n"
+        end
+
+        if password.empty?
+          $stderr.puts "canceled."
+          exit 0
+        end
+
+        begin
+          system "stty -echo"  # TODO termios
+          print "Retype password: "
+          password2 = STDIN.gets || ""
+          password2 = password2[0..-2]  # strip \n
+        rescue Interrupt
+          $stderr.print "\ncanceled."
+          exit 1
+        ensure
+          system "stty echo"   # TODO termios
+          print "\n"
+        end
+
+        if password == password2
+          break
+        end
+
+        puts "Doesn't match."
+      end
+    end
+
+    client = get_client(:ssl => true)
+
+    client.add_user(name, org)
+
+    ok = false
+    begin
+      client.change_email(name, email)
+      client.change_password(name, password)
+      client.add_apikey(name)
+      ok = true
+    ensure
+      unless ok
+        client.remove_user(name)
+      end
+    end
+
+    $stderr.puts "User '#{name}' is created."
+    $stderr.puts "Use '#{$prog} user:apikeys #{name}' to show the API key."
+  end
+
+  def user_delete(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    client.remove_user(name)
+
+    $stderr.puts "User '#{name}' is deleted."
+  end
+
+  ## TODO user:email:change <name> <email>
+  #def user_email_change(op)
+  #end
+
+  ## TODO user:apikey:add <name>
+  #def user_apikey_add(op)
+  #end
+
+  ## TODO user:apikey:remove <name> <apikey>
+  #def user_apikey_remove(op)
+  #end
+
+  def user_apikey_list(op)
+    name = op.cmd_parse
+
+    client = get_client
+
+    keys = client.list_apikeys(name)
+
+    rows = []
+    keys.each {|key|
+      rows << {:Key => key}
+    }
+
+    puts cmd_render_table(rows, :fields => [:Key])
+  end
+
+  ## TODO user:password:change <name>
+  #def user_password_change(op)
+  #end
+
+end
+end
+

data/lib/td/version.rb

@@ -1,5 +1,5 @@
 module TreasureData
 
-VERSION = '0.10.36'
+VERSION = '0.10.37'
 
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: td
 version: !ruby/object:Gem::Version
-  version: 0.10.36
+  version: 0.10.37
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-07-28 00:00:00.000000000 Z
+date: 2012-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: msgpack
@@ -66,7 +66,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.8.20
+        version: 0.8.21
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -74,7 +74,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 0.8.20
+        version: 0.8.21
 - !ruby/object:Gem::Dependency
   name: td-logger
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +136,7 @@ files:
 - data/sample_apache_gen.rb
 - lib/td.rb
 - lib/td/command/account.rb
+- lib/td/command/acl.rb
 - lib/td/command/aggr.rb
 - lib/td/command/apikey.rb
 - lib/td/command/bulk_import.rb
@@ -146,8 +147,10 @@ files:
 - lib/td/command/import.rb
 - lib/td/command/job.rb
 - lib/td/command/list.rb
+- lib/td/command/org.rb
 - lib/td/command/query.rb
 - lib/td/command/result.rb
+- lib/td/command/role.rb
 - lib/td/command/runner.rb
 - lib/td/command/sample.rb
 - lib/td/command/sched.rb
@@ -155,6 +158,7 @@ files:
 - lib/td/command/server.rb
 - lib/td/command/status.rb
 - lib/td/command/table.rb
+- lib/td/command/user.rb
 - lib/td/compat_core.rb
 - lib/td/compat_gzip_reader.rb
 - lib/td/config.rb
@@ -162,8 +166,7 @@ files:
 - lib/td/version.rb
 - ChangeLog
 - README.rdoc
-- !binary |-
-  YmluL3Rk
+- bin/td
 homepage: http://treasure-data.com/
 licenses: []
 post_install_message: 
@@ -184,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.21
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: CLI to manage data on Treasure Data, the Hadoop-based cloud data warehousing