Class: Chef::Knife::AclBulkAdd

Inherits:
Chef::Knife show all
Defined in:
lib/chef/knife/acl_bulk_add.rb

Constant Summary

Constants inherited from Chef::Knife

CHEF_ORGANIZATION_MANAGEMENT, KNIFE_ROOT, OFFICIAL_PLUGINS, OPSCODE_HOSTED_CHEF_ACCESS_CONTROL, VERSION

Instance Attribute Summary

Attributes inherited from Chef::Knife

#name_args, #ui

Instance Method Summary collapse

Methods inherited from Chef::Knife

#api_key, #apply_computed_config, category, chef_config_dir, common_name, #config_file_defaults, #config_file_settings, config_loader, #config_source, #configure_chef, #create_object, #delete_object, dependency_loaders, deps, #format_rest_error, guess_category, #humanize_exception, #humanize_http_exception, inherited, #initialize, list_commands, load_commands, load_config, load_deps, #maybe_setup_fips, #merge_configs, msg, #noauth_rest, #parse_options, reset_config_loader!, reset_subcommands!, #rest, #root_rest, run, #run_with_pretty_exceptions, #server_url, #show_usage, snake_case_name, subcommand_category, subcommand_class_from, subcommand_files, subcommand_loader, subcommands, subcommands_by_category, #test_mandatory_field, ui, unnamed?, use_separate_defaults?, #username

Constructor Details

This class inherits a constructor from Chef::Knife

Instance Method Details

#runObject 



32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
 
# File 'lib/chef/knife/acl_bulk_add.rb', line 32

def run
  member_type, member_name, object_type, regex, perms = name_args
  object_name_matcher = /#{regex}/

  if name_args.length != 5
    show_usage
    ui.fatal "You must specify the member type [client|group], member name, object type, object name REGEX and perms"
    exit 1
  end

  unless %w{client group}.include?(member_type)
    ui.fatal "ERROR: To enforce best practice, knife-acl can only add a client or a group to an ACL."
    ui.fatal "       See the knife-acl README for more information."
    exit 1
  end
  validate_perm_type!(perms)
  validate_member_name!(member_name)
  validate_object_type!(object_type)
  validate_member_exists!(member_type, member_name)

  if %w{containers groups}.include?(object_type)
    ui.fatal "bulk modifying the ACL of #{object_type} is not permitted"
    exit 1
  end

  objects_to_modify = []
  all_objects = rest.get_rest(object_type)
  objects_to_modify = all_objects.keys.grep(object_name_matcher)

  if objects_to_modify.empty?
    ui.info "No #{object_type} match the expression /#{regex}/"
    exit 0
  end

  ui.msg("The ACL of the following #{object_type} will be modified:")
  ui.msg("")
  ui.msg(ui.list(objects_to_modify.sort, :columns_down))
  ui.msg("")
  ui.confirm("Are you sure you want to modify the ACL of these #{object_type}?")

  objects_to_modify.each do |object_name|
    add_to_acl!(member_type, member_name, object_type, object_name, perms)
  end
end