user_command.go 7.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280
  1. // Copyright 2016 The etcd Authors
  2. //
  3. // Licensed under the Apache License, Version 2.0 (the "License");
  4. // you may not use this file except in compliance with the License.
  5. // You may obtain a copy of the License at
  6. //
  7. // http://www.apache.org/licenses/LICENSE-2.0
  8. //
  9. // Unless required by applicable law or agreed to in writing, software
  10. // distributed under the License is distributed on an "AS IS" BASIS,
  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. // See the License for the specific language governing permissions and
  13. // limitations under the License.
  14. package command
  15. import (
  16. "fmt"
  17. "strings"
  18. "github.com/bgentry/speakeasy"
  19. "github.com/spf13/cobra"
  20. "golang.org/x/net/context"
  21. )
  22. var (
  23. userShowDetail bool
  24. )
  25. // NewUserCommand returns the cobra command for "user".
  26. func NewUserCommand() *cobra.Command {
  27. ac := &cobra.Command{
  28. Use: "user <subcommand>",
  29. Short: "User related commands",
  30. }
  31. ac.AddCommand(newUserAddCommand())
  32. ac.AddCommand(newUserDeleteCommand())
  33. ac.AddCommand(newUserGetCommand())
  34. ac.AddCommand(newUserListCommand())
  35. ac.AddCommand(newUserChangePasswordCommand())
  36. ac.AddCommand(newUserGrantRoleCommand())
  37. ac.AddCommand(newUserRevokeRoleCommand())
  38. return ac
  39. }
  40. var (
  41. passwordInteractive bool
  42. )
  43. func newUserAddCommand() *cobra.Command {
  44. cmd := cobra.Command{
  45. Use: "add <user name or user:password> [options]",
  46. Short: "Adds a new user",
  47. Run: userAddCommandFunc,
  48. }
  49. cmd.Flags().BoolVar(&passwordInteractive, "interactive", true, "Read password from stdin instead of interactive terminal")
  50. return &cmd
  51. }
  52. func newUserDeleteCommand() *cobra.Command {
  53. return &cobra.Command{
  54. Use: "delete <user name>",
  55. Short: "Deletes a user",
  56. Run: userDeleteCommandFunc,
  57. }
  58. }
  59. func newUserGetCommand() *cobra.Command {
  60. cmd := cobra.Command{
  61. Use: "get <user name> [options]",
  62. Short: "Gets detailed information of a user",
  63. Run: userGetCommandFunc,
  64. }
  65. cmd.Flags().BoolVar(&userShowDetail, "detail", false, "Show permissions of roles granted to the user")
  66. return &cmd
  67. }
  68. func newUserListCommand() *cobra.Command {
  69. return &cobra.Command{
  70. Use: "list",
  71. Short: "Lists all users",
  72. Run: userListCommandFunc,
  73. }
  74. }
  75. func newUserChangePasswordCommand() *cobra.Command {
  76. cmd := cobra.Command{
  77. Use: "passwd <user name> [options]",
  78. Short: "Changes password of user",
  79. Run: userChangePasswordCommandFunc,
  80. }
  81. cmd.Flags().BoolVar(&passwordInteractive, "interactive", true, "If true, read password from stdin instead of interactive terminal")
  82. return &cmd
  83. }
  84. func newUserGrantRoleCommand() *cobra.Command {
  85. return &cobra.Command{
  86. Use: "grant-role <user name> <role name>",
  87. Short: "Grants a role to a user",
  88. Run: userGrantRoleCommandFunc,
  89. }
  90. }
  91. func newUserRevokeRoleCommand() *cobra.Command {
  92. return &cobra.Command{
  93. Use: "revoke-role <user name> <role name>",
  94. Short: "Revokes a role from a user",
  95. Run: userRevokeRoleCommandFunc,
  96. }
  97. }
  98. // userAddCommandFunc executes the "user add" command.
  99. func userAddCommandFunc(cmd *cobra.Command, args []string) {
  100. if len(args) != 1 {
  101. ExitWithError(ExitBadArgs, fmt.Errorf("user add command requires user name as its argument."))
  102. }
  103. var password string
  104. var user string
  105. splitted := strings.SplitN(args[0], ":", 2)
  106. if len(splitted) < 2 {
  107. user = args[0]
  108. if !passwordInteractive {
  109. fmt.Scanf("%s", &password)
  110. } else {
  111. password = readPasswordInteractive(args[0])
  112. }
  113. } else {
  114. user = splitted[0]
  115. password = splitted[1]
  116. if len(user) == 0 {
  117. ExitWithError(ExitBadArgs, fmt.Errorf("empty user name is not allowed."))
  118. }
  119. }
  120. resp, err := mustClientFromCmd(cmd).Auth.UserAdd(context.TODO(), user, password)
  121. if err != nil {
  122. ExitWithError(ExitError, err)
  123. }
  124. display.UserAdd(user, *resp)
  125. }
  126. // userDeleteCommandFunc executes the "user delete" command.
  127. func userDeleteCommandFunc(cmd *cobra.Command, args []string) {
  128. if len(args) != 1 {
  129. ExitWithError(ExitBadArgs, fmt.Errorf("user delete command requires user name as its argument."))
  130. }
  131. resp, err := mustClientFromCmd(cmd).Auth.UserDelete(context.TODO(), args[0])
  132. if err != nil {
  133. ExitWithError(ExitError, err)
  134. }
  135. display.UserDelete(args[0], *resp)
  136. }
  137. // userGetCommandFunc executes the "user get" command.
  138. func userGetCommandFunc(cmd *cobra.Command, args []string) {
  139. if len(args) != 1 {
  140. ExitWithError(ExitBadArgs, fmt.Errorf("user get command requires user name as its argument."))
  141. }
  142. name := args[0]
  143. client := mustClientFromCmd(cmd)
  144. resp, err := client.Auth.UserGet(context.TODO(), name)
  145. if err != nil {
  146. ExitWithError(ExitError, err)
  147. }
  148. if userShowDetail {
  149. fmt.Printf("User: %s\n", name)
  150. for _, role := range resp.Roles {
  151. fmt.Printf("\n")
  152. roleResp, err := client.Auth.RoleGet(context.TODO(), role)
  153. if err != nil {
  154. ExitWithError(ExitError, err)
  155. }
  156. display.RoleGet(role, *roleResp)
  157. }
  158. } else {
  159. display.UserGet(name, *resp)
  160. }
  161. }
  162. // userListCommandFunc executes the "user list" command.
  163. func userListCommandFunc(cmd *cobra.Command, args []string) {
  164. if len(args) != 0 {
  165. ExitWithError(ExitBadArgs, fmt.Errorf("user list command requires no arguments."))
  166. }
  167. resp, err := mustClientFromCmd(cmd).Auth.UserList(context.TODO())
  168. if err != nil {
  169. ExitWithError(ExitError, err)
  170. }
  171. display.UserList(*resp)
  172. }
  173. // userChangePasswordCommandFunc executes the "user passwd" command.
  174. func userChangePasswordCommandFunc(cmd *cobra.Command, args []string) {
  175. if len(args) != 1 {
  176. ExitWithError(ExitBadArgs, fmt.Errorf("user passwd command requires user name as its argument."))
  177. }
  178. var password string
  179. if !passwordInteractive {
  180. fmt.Scanf("%s", &password)
  181. } else {
  182. password = readPasswordInteractive(args[0])
  183. }
  184. resp, err := mustClientFromCmd(cmd).Auth.UserChangePassword(context.TODO(), args[0], password)
  185. if err != nil {
  186. ExitWithError(ExitError, err)
  187. }
  188. display.UserChangePassword(*resp)
  189. }
  190. // userGrantRoleCommandFunc executes the "user grant-role" command.
  191. func userGrantRoleCommandFunc(cmd *cobra.Command, args []string) {
  192. if len(args) != 2 {
  193. ExitWithError(ExitBadArgs, fmt.Errorf("user grant command requires user name and role name as its argument."))
  194. }
  195. resp, err := mustClientFromCmd(cmd).Auth.UserGrantRole(context.TODO(), args[0], args[1])
  196. if err != nil {
  197. ExitWithError(ExitError, err)
  198. }
  199. display.UserGrantRole(args[0], args[1], *resp)
  200. }
  201. // userRevokeRoleCommandFunc executes the "user revoke-role" command.
  202. func userRevokeRoleCommandFunc(cmd *cobra.Command, args []string) {
  203. if len(args) != 2 {
  204. ExitWithError(ExitBadArgs, fmt.Errorf("user revoke-role requires user name and role name as its argument."))
  205. }
  206. resp, err := mustClientFromCmd(cmd).Auth.UserRevokeRole(context.TODO(), args[0], args[1])
  207. if err != nil {
  208. ExitWithError(ExitError, err)
  209. }
  210. display.UserRevokeRole(args[0], args[1], *resp)
  211. }
  212. func readPasswordInteractive(name string) string {
  213. prompt1 := fmt.Sprintf("Password of %s: ", name)
  214. password1, err1 := speakeasy.Ask(prompt1)
  215. if err1 != nil {
  216. ExitWithError(ExitBadArgs, fmt.Errorf("failed to ask password: %s.", err1))
  217. }
  218. if len(password1) == 0 {
  219. ExitWithError(ExitBadArgs, fmt.Errorf("empty password"))
  220. }
  221. prompt2 := fmt.Sprintf("Type password of %s again for confirmation: ", name)
  222. password2, err2 := speakeasy.Ask(prompt2)
  223. if err2 != nil {
  224. ExitWithError(ExitBadArgs, fmt.Errorf("failed to ask password: %s.", err2))
  225. }
  226. if strings.Compare(password1, password2) != 0 {
  227. ExitWithError(ExitBadArgs, fmt.Errorf("given passwords are different."))
  228. }
  229. return password1
  230. }