github.com/1aal/kubeblocks@v0.0.0-20231107070852-e1c03e598921/pkg/cli/cmd/accounts/revoke.go

github.com/1aal/kubeblocks@v0.0.0-20231107070852-e1c03e598921/pkg/cli/cmd/accounts/revoke.go (about)

     1  /*
     2  Copyright (C) 2022-2023 ApeCloud Co., Ltd
     3  
     4  This file is part of KubeBlocks project
     5  
     6  This program is free software: you can redistribute it and/or modify
     7  it under the terms of the GNU Affero General Public License as published by
     8  the Free Software Foundation, either version 3 of the License, or
     9  (at your option) any later version.
    10  
    11  This program is distributed in the hope that it will be useful
    12  but WITHOUT ANY WARRANTY; without even the implied warranty of
    13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14  GNU Affero General Public License for more details.
    15  
    16  You should have received a copy of the GNU Affero General Public License
    17  along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18  */
    19  
    20  package accounts
    21  
    22  import (
    23  	"context"
    24  	"fmt"
    25  	"strings"
    26  
    27  	"github.com/spf13/cobra"
    28  	"golang.org/x/exp/slices"
    29  	"k8s.io/cli-runtime/pkg/genericiooptions"
    30  	"k8s.io/klog/v2"
    31  	cmdutil "k8s.io/kubectl/pkg/cmd/util"
    32  
    33  	"github.com/1aal/kubeblocks/pkg/lorry/client"
    34  	lorryutil "github.com/1aal/kubeblocks/pkg/lorry/util"
    35  )
    36  
    37  type RevokeOptions struct {
    38  	*AccountBaseOptions
    39  	userName string
    40  	roleName string
    41  }
    42  
    43  func NewRevokeOptions(f cmdutil.Factory, streams genericiooptions.IOStreams) *RevokeOptions {
    44  	return &RevokeOptions{
    45  		AccountBaseOptions: NewAccountBaseOptions(f, streams),
    46  	}
    47  }
    48  
    49  func (o *RevokeOptions) AddFlags(cmd *cobra.Command) {
    50  	o.AccountBaseOptions.AddFlags(cmd)
    51  	cmd.Flags().StringVar(&o.userName, "name", "", "Required user name, please specify it.")
    52  	cmd.Flags().StringVarP(&o.roleName, "role", "r", "", "Role name should be one of [SUPERUSER, READWRITE, READONLY].")
    53  	_ = cmd.MarkFlagRequired("name")
    54  	_ = cmd.MarkFlagRequired("role")
    55  }
    56  
    57  func (o *RevokeOptions) Validate(args []string) error {
    58  	if err := o.AccountBaseOptions.Validate(args); err != nil {
    59  		return err
    60  	}
    61  	if len(o.userName) == 0 {
    62  		return errMissingUserName
    63  	}
    64  	if len(o.roleName) == 0 {
    65  		return errMissingRoleName
    66  	}
    67  	if err := o.validRoleName(); err != nil {
    68  		return err
    69  	}
    70  	return nil
    71  }
    72  
    73  func (o *RevokeOptions) validRoleName() error {
    74  	candidates := []string{string(lorryutil.SuperUserRole), string(lorryutil.ReadWriteRole), string(lorryutil.ReadOnlyRole)}
    75  	if slices.Contains(candidates, strings.ToLower(o.roleName)) {
    76  		return nil
    77  	}
    78  	return errInvalidRoleName
    79  }
    80  
    81  func (o *RevokeOptions) Complete(f cmdutil.Factory) error {
    82  	var err error
    83  	if err = o.AccountBaseOptions.Complete(f); err != nil {
    84  		return err
    85  	}
    86  	return err
    87  }
    88  
    89  func (o *RevokeOptions) Run(cmd *cobra.Command, f cmdutil.Factory, streams genericiooptions.IOStreams) error {
    90  	klog.V(1).Info(fmt.Sprintf("connect to cluster %s, component %s, instance %s\n", o.ClusterName, o.ComponentName, o.PodName))
    91  	lorryClient, err := client.NewK8sExecClientWithPod(o.Pod)
    92  	if err != nil {
    93  		return err
    94  	}
    95  
    96  	err = lorryClient.RevokeUserRole(context.Background(), o.userName, o.roleName)
    97  	if err != nil {
    98  		o.printGeneralInfo("fail", err.Error())
    99  		return err
   100  	}
   101  	o.printGeneralInfo("success", "")
   102  	return nil
   103  }