/*
* Copyright © 2015-2016 Cask Data, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package co.cask.cdap.cli.command.security;
import co.cask.cdap.cli.ArgumentName;
import co.cask.cdap.cli.CLIConfig;
import co.cask.cdap.cli.util.AbstractAuthCommand;
import co.cask.cdap.client.AuthorizationClient;
import co.cask.cdap.proto.id.EntityId;
import co.cask.cdap.proto.security.Action;
import co.cask.cdap.proto.security.Principal;
import co.cask.common.cli.Arguments;
import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.inject.Inject;
import java.io.PrintStream;
import java.util.Set;
/**
* Grants a user permission to perform certain actions on an entity.
*/
public class GrantActionCommand extends AbstractAuthCommand {
private final AuthorizationClient client;
@Inject
GrantActionCommand(AuthorizationClient client, CLIConfig cliConfig) {
super(cliConfig);
this.client = client;
}
@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
EntityId entity = EntityId.fromString(arguments.get(ArgumentName.ENTITY.toString()));
String principalName = arguments.get("principal-name");
Principal.PrincipalType principalType =
Principal.PrincipalType.valueOf(arguments.get("principal-type").toUpperCase());
Principal principal = new Principal(principalName, principalType);
Set<Action> actions = ACTIONS_STRING_TO_SET.apply(arguments.get("actions"));
// actions is not an optional argument so should never be null
Preconditions.checkNotNull(actions, "Actions can never be null in the grant command.");
client.grant(entity, principal, actions);
output.printf("Successfully granted action(s) '%s' on entity '%s' to %s '%s'\n",
Joiner.on(",").join(actions), entity.toString(), principal.getType(), principal.getName());
}
@Override
public String getPattern() {
return String.format("grant actions <actions> on entity <%s> to <%s> <%s>", ArgumentName.ENTITY,
ArgumentName.PRINCIPAL_TYPE, ArgumentName.PRINCIPAL_NAME);
}
@Override
public String getDescription() {
return "Grants a principal permission to perform certain actions on an entity. " +
"'<actions>' is a comma-separated list.";
}
}