forked from raystack/frontier
-
Notifications
You must be signed in to change notification settings - Fork 0
/
policy.go
150 lines (125 loc) · 3.15 KB
/
policy.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
package cmd
import (
"fmt"
"os"
"github.com/MakeNowJust/heredoc"
"github.com/goto/salt/printer"
"github.com/goto/shield/pkg/file"
shieldv1beta1 "github.com/goto/shield/proto/v1beta1"
cli "github.com/spf13/cobra"
)
func PolicyCommand(cliConfig *Config) *cli.Command {
cmd := &cli.Command{
Use: "policy",
Aliases: []string{"policies"},
Short: "Manage policies",
Long: heredoc.Doc(`
Work with policies.
`),
Example: heredoc.Doc(`
$ shield policy create
$ shield policy edit
$ shield policy view
$ shield policy list
`),
Annotations: map[string]string{
"group": "core",
"client": "true",
},
}
cmd.AddCommand(createPolicyCommand(cliConfig))
cmd.AddCommand(listPolicyCommand(cliConfig))
bindFlagsFromClientConfig(cmd)
return cmd
}
func createPolicyCommand(cliConfig *Config) *cli.Command {
var filePath, header string
cmd := &cli.Command{
Use: "create",
Short: "Create a policy",
Args: cli.NoArgs,
Example: heredoc.Doc(`
$ shield policy create --file=<policy-body> --header=<key>:<value>
`),
Annotations: map[string]string{
"policy:core": "true",
},
RunE: func(cmd *cli.Command, args []string) error {
spinner := printer.Spin("")
defer spinner.Stop()
var reqBody shieldv1beta1.PolicyRequestBody
if err := file.Parse(filePath, &reqBody); err != nil {
return err
}
err := reqBody.ValidateAll()
if err != nil {
return err
}
client, cancel, err := createClient(cmd.Context(), cliConfig.Host)
if err != nil {
return err
}
defer cancel()
ctx := setCtxHeader(cmd.Context(), header)
_, err = client.CreatePolicy(ctx, &shieldv1beta1.CreatePolicyRequest{
Body: &reqBody,
})
if err != nil {
return err
}
spinner.Stop()
fmt.Println("successfully created policy")
return nil
},
}
cmd.Flags().StringVarP(&filePath, "file", "f", "", "Path to the policy body file")
cmd.MarkFlagRequired("file")
cmd.Flags().StringVarP(&header, "header", "H", "", "Header <key>:<value>")
cmd.MarkFlagRequired("header")
return cmd
}
func listPolicyCommand(cliConfig *Config) *cli.Command {
cmd := &cli.Command{
Use: "list",
Short: "List all policies",
Args: cli.NoArgs,
Example: heredoc.Doc(`
$ shield policy list
`),
Annotations: map[string]string{
"policy:core": "true",
},
RunE: func(cmd *cli.Command, args []string) error {
spinner := printer.Spin("")
defer spinner.Stop()
client, cancel, err := createClient(cmd.Context(), cliConfig.Host)
if err != nil {
return err
}
defer cancel()
res, err := client.ListPolicies(cmd.Context(), &shieldv1beta1.ListPoliciesRequest{})
if err != nil {
return err
}
report := [][]string{}
policies := res.GetPolicies()
spinner.Stop()
if len(policies) == 0 {
fmt.Printf("No policies found.\n")
return nil
}
fmt.Printf(" \nShowing %d policies\n \n", len(policies))
report = append(report, []string{"ID", "ACTION", "NAMESPACE"})
for _, p := range policies {
report = append(report, []string{
p.GetId(),
p.GetActionId(),
p.GetNamespaceId(),
})
}
printer.Table(os.Stdout, report)
return nil
},
}
return cmd
}