etcdctl: a flag for getting detailed information of a user

This commit adds a new flag --detail to etcdctl user get command. The
flag enables printing the detailed permission information of the user
like below example:

$ ETCDCTL_API=3 bin/etcdctl --user root:p user get u1
User: u1
Roles: r1 r2
$ ETCDCTL_API=3 bin/etcdctl --user root:p user get u1 --detail
User: u1

Role r1
KV Read:
        [k1, k5)
KV Write:
        [k1, k5)

Role r2
KV Read:
        a
        b
        [k8, k9)
KV Write:
        a
        b
        [k8, k9)

etcdctl/ctlv3/command/role_command.go

@@ -115,18 +115,7 @@ func roleDeleteCommandFunc(cmd *cobra.Command, args []string) {
 	fmt.Printf("Role %s deleted\n", args[0])
 }
 
-// roleGetCommandFunc executes the "role get" command.
-func roleGetCommandFunc(cmd *cobra.Command, args []string) {
-	if len(args) != 1 {
-		ExitWithError(ExitBadArgs, fmt.Errorf("role get command requires role name as its argument."))
-	}
-
-	name := args[0]
-	resp, err := mustClientFromCmd(cmd).Auth.RoleGet(context.TODO(), name)
-	if err != nil {
-		ExitWithError(ExitError, err)
-	}
-
+func printRolePermissions(name string, resp *clientv3.AuthRoleGetResponse) {
 	fmt.Printf("Role %s\n", name)
 	fmt.Println("KV Read:")
 	for _, perm := range resp.Perm {
@@ -150,6 +139,21 @@ func roleGetCommandFunc(cmd *cobra.Command, args []string) {
 	}
 }
 
+// roleGetCommandFunc executes the "role get" command.
+func roleGetCommandFunc(cmd *cobra.Command, args []string) {
+	if len(args) != 1 {
+		ExitWithError(ExitBadArgs, fmt.Errorf("role get command requires role name as its argument."))
+	}
+
+	name := args[0]
+	resp, err := mustClientFromCmd(cmd).Auth.RoleGet(context.TODO(), name)
+	if err != nil {
+		ExitWithError(ExitError, err)
+	}
+
+	printRolePermissions(name, resp)
+}
+
 // roleListCommandFunc executes the "role list" command.
 func roleListCommandFunc(cmd *cobra.Command, args []string) {
 	if len(args) != 0 {

etcdctl/ctlv3/command/user_command.go

@@ -23,6 +23,10 @@ import (
 	"golang.org/x/net/context"
 )
 
+var (
+	userShowDetail bool
+)
+
 // NewUserCommand returns the cobra command for "user".
 func NewUserCommand() *cobra.Command {
 	ac := &cobra.Command{
@@ -66,12 +70,15 @@ func newUserDeleteCommand() *cobra.Command {
 }
 
 func newUserGetCommand() *cobra.Command {
-	// TODO(mitake): this command should also get detailed information of roles of the user
-	return &cobra.Command{
+	cmd := cobra.Command{
 		Use:   "get <user name>",
 		Short: "get detailed information of a user",
 		Run:   userGetCommandFunc,
 	}
+
+	cmd.Flags().BoolVar(&userShowDetail, "detail", false, "show permissions of roles granted to the user")
+
+	return &cmd
 }
 
 func newUserListCommand() *cobra.Command {
@@ -153,17 +160,30 @@ func userGetCommandFunc(cmd *cobra.Command, args []string) {
 	}
 
 	name := args[0]
-	resp, err := mustClientFromCmd(cmd).Auth.UserGet(context.TODO(), name)
+	client := mustClientFromCmd(cmd)
+	resp, err := client.Auth.UserGet(context.TODO(), name)
 	if err != nil {
 		ExitWithError(ExitError, err)
 	}
 
 	fmt.Printf("User: %s\n", name)
-	fmt.Printf("Roles:")
-	for _, role := range resp.Roles {
-		fmt.Printf(" %s", role)
+	if !userShowDetail {
+		fmt.Printf("Roles:")
+		for _, role := range resp.Roles {
+			fmt.Printf(" %s", role)
+		}
+		fmt.Printf("\n")
+	} else {
+		for _, role := range resp.Roles {
+			fmt.Printf("\n")
+			roleResp, err := client.Auth.RoleGet(context.TODO(), role)
+			if err != nil {
+				ExitWithError(ExitError, err)
+			}
+
+			printRolePermissions(role, roleResp)
+		}
 	}
-	fmt.Printf("\n")
 }
 
 // userListCommandFunc executes the "user list" command.