Class: Conjur::Command
Direct Known Subclasses
Authn, Env, HostFactories, Hosts, Init, LDAPSync, Plugin, Policies, Pubkeys, Resources, Roles, ShellInit, Users, Variables
Defined Under Namespace
Classes: Authn, Env, HostFactories, Hosts, Init, LDAPSync, Plugin, Policies, Pubkeys, Resources, Roles, ShellInit, Users, Variables
Constant Summary
collapse
- @@api =
nil
Class Attribute Summary collapse
Class Method Summary
collapse
-
.api ⇒ Object
-
.api=(api) ⇒ Object
-
.assert_empty(args) ⇒ Object
-
.command(name, *a, &block) ⇒ Object
-
.command_impl_for_list(global_options, options, args) ⇒ Object
-
.command_options_for_list(c) ⇒ Object
-
.context_option(command) ⇒ Object
-
.current_user ⇒ Object
-
.display(obj, options = {}) ⇒ Object
-
.display_members(members, options) ⇒ Object
-
.has_admin?(role, other_role) ⇒ Boolean
-
.hide_docs(command) ⇒ Object
Prevent a deprecated command from being displayed in the help output.
-
.highline ⇒ Object
-
.integer?(v) ⇒ Boolean
-
.method_missing(*a, &b) ⇒ Object
-
.prompt_for_password ⇒ Object
-
.read_till_eof(prompt = nil) ⇒ Object
-
.require_arg(args, name) ⇒ Object
-
.validate_privileges(message, &block) ⇒ Object
full_resource_id, get_kind_and_id_from_args
Class Attribute Details
.prefix ⇒ Object
Returns the value of attribute prefix.
30
31
32
|
# File 'lib/conjur/command.rb', line 30
def prefix
@prefix
end
|
Class Method Details
.api ⇒ Object
53
54
55
|
# File 'lib/conjur/command.rb', line 53
def api
@@api ||= Conjur::Authn.connect
end
|
.api=(api) ⇒ Object
49
50
51
|
# File 'lib/conjur/command.rb', line 49
def api= api
@@api = api
end
|
.assert_empty(args) ⇒ Object
45
46
47
|
# File 'lib/conjur/command.rb', line 45
def assert_empty(args)
exit_now! "Received extra command arguments" unless args.empty?
end
|
.command(name, *a, &block) ⇒ Object
36
37
38
39
|
# File 'lib/conjur/command.rb', line 36
def command name, *a, &block
name = "#{prefix}:#{name}" if prefix
Conjur::CLI.command(name, *a, &block)
end
|
.command_impl_for_list(global_options, options, args) ⇒ Object
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
# File 'lib/conjur/command.rb', line 118
def command_impl_for_list(global_options, options, args)
opts = options.slice(:search, :limit, :options, :kind)
opts[:acting_as] = options[:role] if options[:role]
opts[:search]=opts[:search].gsub('-',' ') if opts[:search]
resources = api.resources(opts)
if options[:inspect]
resources = resources.map &:attributes
unless options[:'raw-annotations']
resources = resources.map do |r|
r['annotations'] = (r['annotations'] || []).inject({}) do |hash, annot|
hash[annot['name']] = annot['value']
hash
end
r
end
end
puts JSON.pretty_generate resources
else
puts JSON.pretty_generate(resources.map(&:id))
end
end
|
.command_options_for_list(c) ⇒ Object
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
# File 'lib/conjur/command.rb', line 96
def command_options_for_list(c)
return if c.flags.member?(:role) c.desc "Role to act as. By default, the current logged-in role is used."
c.arg_name 'ROLE'
c.flag [:role]
c.desc "Full-text search on resource id and annotation values"
c.flag [:s, :search]
c.desc "Maximum number of records to return"
c.flag [:l, :limit]
c.desc "Offset to start from"
c.flag [:o, :offset]
c.desc "Show full object information"
c.switch [:inspect]
c.desc "Show annotations in 'raw' format"
c.switch [:r, :"raw-annotations"]
end
|
.context_option(command) ⇒ Object
72
73
74
75
76
|
# File 'lib/conjur/command.rb', line 72
def context_option command
command.desc "Load context from this config file, and save it when finished. The file permissions will be 0600 by default."
command.arg_name "FILE"
command.flag [:c, :context]
end
|
.current_user ⇒ Object
57
58
59
60
61
62
63
64
65
|
# File 'lib/conjur/command.rb', line 57
def current_user
username = api.username
kind, id = username.split('/')
unless kind && id
id = kind
kind = 'user'
end
api.send(kind, username)
end
|
.display(obj, options = {}) ⇒ Object
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
# File 'lib/conjur/command.rb', line 164
def display(obj, options = {})
str = if obj.respond_to?(:attributes)
JSON.pretty_generate obj.attributes
elsif obj.respond_to?(:id)
obj.id
else
begin
JSON.pretty_generate(obj)
rescue JSON::GeneratorError
obj.to_json
end
end
puts str
end
|
.display_members(members, options) ⇒ Object
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
# File 'lib/conjur/command.rb', line 149
def display_members(members, options)
result = if options[:V]
members.collect {|member|
{
role: member.role.id,
member: member.member.id,
admin_option: member.admin_option
}
}
else
members.map(&:member).map(&:id)
end
display result
end
|
.has_admin?(role, other_role) ⇒ Boolean
205
206
207
208
209
210
211
|
# File 'lib/conjur/command.rb', line 205
def has_admin?(role, other_role)
return true if role.id == other_role.id
memberships = role.memberships.map(&:id)
other_role.members.any? { |m| memberships.member?(m.member.id) && m.admin_option }
rescue RestClient::Forbidden
false
end
|
.hide_docs(command) ⇒ Object
Prevent a deprecated command from being displayed in the help output
68
69
70
|
# File 'lib/conjur/command.rb', line 68
def hide_docs(command)
def command.nodoc; true end
end
|
.highline ⇒ Object
78
79
80
81
|
# File 'lib/conjur/command.rb', line 78
def highline
require 'highline'
@highline ||= HighLine.new($stdin,$stderr)
end
|
.integer?(v) ⇒ Boolean
179
180
181
|
# File 'lib/conjur/command.rb', line 179
def integer? v
Integer(v, 10) rescue false
end
|
.method_missing(*a, &b) ⇒ Object
32
33
34
|
# File 'lib/conjur/command.rb', line 32
def method_missing *a, &b
Conjur::CLI.send *a, &b
end
|
.prompt_for_password ⇒ Object
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
|
# File 'lib/conjur/command.rb', line 183
def prompt_for_password
require 'highline'
hl = HighLine.new($stdin, $stderr)
password = hl.ask("Enter the password (it will not be echoed): "){ |q| q.echo = false }
if password.blank?
if hl.agree "No password (y/n)?"
return nil
else
return prompt_for_password
end
end
confirmation = hl.ask("Confirm the password: "){ |q| q.echo = false }
raise "Password does not match confirmation" unless password == confirmation
password
end
|
.read_till_eof(prompt = nil) ⇒ Object
83
84
85
86
87
88
89
90
91
92
93
94
|
# File 'lib/conjur/command.rb', line 83
def read_till_eof(prompt = nil)
highline.say(prompt) if prompt
[].tap do |lines|
loop do
begin
lines << highline.ask('')
rescue EOFError
break
end
end
end.join("\n")
end
|
.require_arg(args, name) ⇒ Object
41
42
43
|
# File 'lib/conjur/command.rb', line 41
def require_arg(args, name)
args.shift or raise "Missing parameter: #{name}"
end
|
.validate_privileges(message, &block) ⇒ Object
140
141
142
143
144
145
146
147
|
# File 'lib/conjur/command.rb', line 140
def validate_privileges message, &block
valid = begin
yield
rescue RestClient::Forbidden
false
end
exit_now! message unless valid
end
|