joyent/node-triton#54 'triton rbac info' improvements

This commit is contained in:
Trent Mick 2015-11-18 14:18:25 -08:00
parent fe73063d16
commit 1160fe120b
2 changed files with 53 additions and 19 deletions

View File

@ -2,7 +2,8 @@
## 3.0.1 (not yet released)
(nothing yet)
- #54 `triton rbac info` improvements: better help, use brackets to show
non-default roles.
## 3.0.0

View File

@ -107,23 +107,36 @@ function do_info(subcmd, opts, args, cb) {
userExtra = '';
}
var roleInfo = [];
var numRoles = 0;
var roleInfo = '';
user.default_roles.sort();
user.roles.sort();
var roleSeen = {};
user.default_roles.forEach(function (r) {
numRoles++;
roleSeen[r] = true;
roleInfo.push(r);
});
user.roles.forEach(function (r) {
if (!roleSeen[r]) {
roleInfo.push(r + '*'); // marker for non-default role
if (roleInfo) {
roleInfo += ', ';
}
roleInfo += r;
});
if (roleInfo.length === 1) {
roleInfo = 'role ' + roleInfo.join(', ');
} else if (roleInfo.length > 0) {
roleInfo = 'roles ' + roleInfo.join(', ');
var nonDefaultRoles = user.roles.filter(function (r) {
return !roleSeen[r];
});
if (nonDefaultRoles.length > 0) {
numRoles += nonDefaultRoles.length;
if (numRoles > 0) {
roleInfo += '[, ';
} else {
roleInfo += '[';
}
roleInfo += nonDefaultRoles.join(', ');
roleInfo += ']';
}
if (numRoles === 1) {
roleInfo = 'role ' + roleInfo;
} else if (numRoles > 0) {
roleInfo = 'roles ' + roleInfo;
} else {
roleInfo = ansiStylize('no roles', 'red');
}
@ -190,16 +203,36 @@ do_info.options = [
}
];
do_info.help = (
do_info.help = [
/* BEGIN JSSTYLED */
'Show current RBAC state.\n' +
'\n' +
'Usage:\n' +
' {{name}} info [<options>]\n' +
'\n' +
'{{options}}'
'Show current RBAC state.',
'',
'Usage:',
' {{name}} info [<options>]',
'',
'{{options}}',
'List RBAC users, roles and policies and. This summary does not show all',
'data for these objects, but attempts to highlight important relationships',
'to give a succinct overview.',
'',
'Example:',
' users (2): # Number of users in parentheses',
' # A user\'s roles from the role object',
' alice: roles ops[, admin] # Alice\'s roles, non-default ones in brackets',
' bill (no ssh keys): role eng # A warning that bill has no SSH key',
' roles (3): # "$roleName: policy $policyName',
' admin: policy policy-admin',
' eng: policy policy-full',
' ops: policy policy-readonly',
' policies (3): # "$name ($description) rules:"',
' policy-admin (full access) rules:',
' CAN * # The rules on the policy',
' policy-full (full access, except rbac) rules:',
' CAN compute:*',
' policy-readonly (read-only access) rules:',
' CAN compute:Get*'
/* END JSSTYLED */
);
].join('\n');