joyent/node-triton#58: triton --act-as=ACCOUNT ... for operator accounts
This commit is contained in:
Trent Mick
parent
5c3a4adee3
commit
4576918909
@ -1,7 +1,10 @@
|
|||||||
# node-triton changelog
|
# node-triton changelog
|
||||||
|
|
||||||
## 3.1.1 (not yet released)
|
## 3.2.0 (not yet released)
|
||||||
|
|
||||||
|
- #58 `triton --act-as=ACCOUNT ...` for an operator account to auth as
|
||||||
|
themself, but operator on another account's resources. Note that operator
|
||||||
|
accesses like this are audited on the CloudAPI server side.
|
||||||
- `triton --accept-version VER` hidden top-level option for development. This
|
- `triton --accept-version VER` hidden top-level option for development. This
|
||||||
allows calling the target cloudapi with the given value for the
|
allows calling the target cloudapi with the given value for the
|
||||||
"Accept-Version" header -- which is how CloudAPI does API versioning.
|
"Accept-Version" header -- which is how CloudAPI does API versioning.
|
||||||
|
|||||||
12
lib/cli.js
12
lib/cli.js
@ -84,6 +84,15 @@ var OPTIONS = [
|
|||||||
'or SDC_ACCOUNT=ACCOUNT.',
|
'or SDC_ACCOUNT=ACCOUNT.',
|
||||||
helpArg: 'ACCOUNT'
|
helpArg: 'ACCOUNT'
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
names: ['act-as'],
|
||||||
|
type: 'string',
|
||||||
|
help: 'Masquerade as the given account login name. This can only ' +
|
||||||
|
'succeed for operator accounts. Note that accesses like these ' +
|
||||||
|
'audited on the CloudAPI server side.',
|
||||||
|
helpArg: 'ACCOUNT',
|
||||||
|
hidden: true
|
||||||
|
},
|
||||||
{
|
{
|
||||||
names: ['user', 'u'],
|
names: ['user', 'u'],
|
||||||
type: 'string',
|
type: 'string',
|
||||||
@ -271,7 +280,8 @@ CLI.prototype._applyProfileOverrides =
|
|||||||
{oname: 'url', pname: 'url'},
|
{oname: 'url', pname: 'url'},
|
||||||
{oname: 'keyId', pname: 'keyId'},
|
{oname: 'keyId', pname: 'keyId'},
|
||||||
{oname: 'insecure', pname: 'insecure'},
|
{oname: 'insecure', pname: 'insecure'},
|
||||||
{oname: 'accept_version', pname: 'acceptVersion'}
|
{oname: 'accept_version', pname: 'acceptVersion'},
|
||||||
|
{oname: 'act_as', pname: 'actAsAccount'}
|
||||||
].forEach(function (field) {
|
].forEach(function (field) {
|
||||||
// We need to check `opts._order` to know if boolean opts
|
// We need to check `opts._order` to know if boolean opts
|
||||||
// were specified.
|
// were specified.
|
||||||
|
|||||||
@ -117,6 +117,7 @@ TritonApi.prototype._cloudapiFromProfile =
|
|||||||
{
|
{
|
||||||
assert.object(profile, 'profile');
|
assert.object(profile, 'profile');
|
||||||
assert.string(profile.account, 'profile.account');
|
assert.string(profile.account, 'profile.account');
|
||||||
|
assert.optionalString(profile.actAsAccount, 'profile.actAsAccount');
|
||||||
assert.string(profile.keyId, 'profile.keyId');
|
assert.string(profile.keyId, 'profile.keyId');
|
||||||
assert.string(profile.url, 'profile.url');
|
assert.string(profile.url, 'profile.url');
|
||||||
assert.optionalString(profile.user, 'profile.user');
|
assert.optionalString(profile.user, 'profile.user');
|
||||||
@ -145,7 +146,7 @@ TritonApi.prototype._cloudapiFromProfile =
|
|||||||
}
|
}
|
||||||
var client = cloudapi.createClient({
|
var client = cloudapi.createClient({
|
||||||
url: profile.url,
|
url: profile.url,
|
||||||
account: profile.account,
|
account: profile.actAsAccount || profile.account,
|
||||||
user: profile.user,
|
user: profile.user,
|
||||||
version: acceptVersion,
|
version: acceptVersion,
|
||||||
rejectUnauthorized: rejectUnauthorized,
|
rejectUnauthorized: rejectUnauthorized,
|
||||||
|
|||||||
Reference in New Issue
Block a user