joyent/node-triton#54 'triton rbac info' improvements
This commit is contained in:
parent
fe73063d16
commit
1160fe120b
@ -2,7 +2,8 @@
|
|||||||
|
|
||||||
## 3.0.1 (not yet released)
|
## 3.0.1 (not yet released)
|
||||||
|
|
||||||
(nothing yet)
|
- #54 `triton rbac info` improvements: better help, use brackets to show
|
||||||
|
non-default roles.
|
||||||
|
|
||||||
|
|
||||||
## 3.0.0
|
## 3.0.0
|
||||||
|
@ -107,23 +107,36 @@ function do_info(subcmd, opts, args, cb) {
|
|||||||
userExtra = '';
|
userExtra = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
var roleInfo = [];
|
var numRoles = 0;
|
||||||
|
var roleInfo = '';
|
||||||
user.default_roles.sort();
|
user.default_roles.sort();
|
||||||
user.roles.sort();
|
user.roles.sort();
|
||||||
var roleSeen = {};
|
var roleSeen = {};
|
||||||
user.default_roles.forEach(function (r) {
|
user.default_roles.forEach(function (r) {
|
||||||
|
numRoles++;
|
||||||
roleSeen[r] = true;
|
roleSeen[r] = true;
|
||||||
roleInfo.push(r);
|
if (roleInfo) {
|
||||||
});
|
roleInfo += ', ';
|
||||||
user.roles.forEach(function (r) {
|
|
||||||
if (!roleSeen[r]) {
|
|
||||||
roleInfo.push(r + '*'); // marker for non-default role
|
|
||||||
}
|
}
|
||||||
|
roleInfo += r;
|
||||||
});
|
});
|
||||||
if (roleInfo.length === 1) {
|
var nonDefaultRoles = user.roles.filter(function (r) {
|
||||||
roleInfo = 'role ' + roleInfo.join(', ');
|
return !roleSeen[r];
|
||||||
} else if (roleInfo.length > 0) {
|
});
|
||||||
roleInfo = 'roles ' + roleInfo.join(', ');
|
if (nonDefaultRoles.length > 0) {
|
||||||
|
numRoles += nonDefaultRoles.length;
|
||||||
|
if (numRoles > 0) {
|
||||||
|
roleInfo += '[, ';
|
||||||
|
} else {
|
||||||
|
roleInfo += '[';
|
||||||
|
}
|
||||||
|
roleInfo += nonDefaultRoles.join(', ');
|
||||||
|
roleInfo += ']';
|
||||||
|
}
|
||||||
|
if (numRoles === 1) {
|
||||||
|
roleInfo = 'role ' + roleInfo;
|
||||||
|
} else if (numRoles > 0) {
|
||||||
|
roleInfo = 'roles ' + roleInfo;
|
||||||
} else {
|
} else {
|
||||||
roleInfo = ansiStylize('no roles', 'red');
|
roleInfo = ansiStylize('no roles', 'red');
|
||||||
}
|
}
|
||||||
@ -190,16 +203,36 @@ do_info.options = [
|
|||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
do_info.help = (
|
do_info.help = [
|
||||||
/* BEGIN JSSTYLED */
|
/* BEGIN JSSTYLED */
|
||||||
'Show current RBAC state.\n' +
|
'Show current RBAC state.',
|
||||||
'\n' +
|
'',
|
||||||
'Usage:\n' +
|
'Usage:',
|
||||||
' {{name}} info [<options>]\n' +
|
' {{name}} info [<options>]',
|
||||||
'\n' +
|
'',
|
||||||
'{{options}}'
|
'{{options}}',
|
||||||
|
'List RBAC users, roles and policies and. This summary does not show all',
|
||||||
|
'data for these objects, but attempts to highlight important relationships',
|
||||||
|
'to give a succinct overview.',
|
||||||
|
'',
|
||||||
|
'Example:',
|
||||||
|
' users (2): # Number of users in parentheses',
|
||||||
|
' # A user\'s roles from the role object',
|
||||||
|
' alice: roles ops[, admin] # Alice\'s roles, non-default ones in brackets',
|
||||||
|
' bill (no ssh keys): role eng # A warning that bill has no SSH key',
|
||||||
|
' roles (3): # "$roleName: policy $policyName',
|
||||||
|
' admin: policy policy-admin',
|
||||||
|
' eng: policy policy-full',
|
||||||
|
' ops: policy policy-readonly',
|
||||||
|
' policies (3): # "$name ($description) rules:"',
|
||||||
|
' policy-admin (full access) rules:',
|
||||||
|
' CAN * # The rules on the policy',
|
||||||
|
' policy-full (full access, except rbac) rules:',
|
||||||
|
' CAN compute:*',
|
||||||
|
' policy-readonly (read-only access) rules:',
|
||||||
|
' CAN compute:Get*'
|
||||||
/* END JSSTYLED */
|
/* END JSSTYLED */
|
||||||
);
|
].join('\n');
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user