github.com/vmware/govmomi@v0.37.2/govc/permissions/permissions.go (about) 1 /* 2 Copyright (c) 2015 VMware, Inc. All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package permissions 18 19 import ( 20 "context" 21 "flag" 22 "fmt" 23 "io" 24 "text/tabwriter" 25 26 "github.com/vmware/govmomi/govc/flags" 27 "github.com/vmware/govmomi/object" 28 "github.com/vmware/govmomi/vim25/types" 29 ) 30 31 type List struct { 32 Roles object.AuthorizationRoleList `json:",omitempty"` 33 34 Permissions []types.Permission `json:",omitempty"` 35 36 f *PermissionFlag 37 } 38 39 type PermissionFlag struct { 40 *flags.DatacenterFlag 41 *flags.OutputFlag 42 43 asRef bool 44 45 m *object.AuthorizationManager 46 47 List 48 } 49 50 func NewPermissionFlag(ctx context.Context) (*PermissionFlag, context.Context) { 51 f := &PermissionFlag{} 52 f.List.f = f 53 f.DatacenterFlag, ctx = flags.NewDatacenterFlag(ctx) 54 f.OutputFlag, ctx = flags.NewOutputFlag(ctx) 55 return f, ctx 56 } 57 58 func (f *PermissionFlag) Register(ctx context.Context, fs *flag.FlagSet) { 59 f.DatacenterFlag.Register(ctx, fs) 60 f.OutputFlag.Register(ctx, fs) 61 62 fs.BoolVar(&f.asRef, "i", false, "Use moref instead of inventory path") 63 } 64 65 func (f *PermissionFlag) Process(ctx context.Context) error { 66 if err := f.DatacenterFlag.Process(ctx); err != nil { 67 return err 68 } 69 if err := f.OutputFlag.Process(ctx); err != nil { 70 return err 71 } 72 73 return nil 74 } 75 76 func (f *PermissionFlag) Manager(ctx context.Context) (*object.AuthorizationManager, error) { 77 if f.m != nil { 78 return f.m, nil 79 } 80 81 c, err := f.Client() 82 if err != nil { 83 return nil, err 84 } 85 86 f.m = object.NewAuthorizationManager(c) 87 f.Roles, err = f.m.RoleList(ctx) 88 89 return f.m, err 90 } 91 92 func (f *PermissionFlag) Role(name string) (*types.AuthorizationRole, error) { 93 role := f.Roles.ByName(name) 94 if role == nil { 95 return nil, fmt.Errorf("role %q not found", name) 96 } 97 return role, nil 98 } 99 100 func (f *PermissionFlag) ManagedObjects(ctx context.Context, args []string) ([]types.ManagedObjectReference, error) { 101 if !f.asRef { 102 return f.DatacenterFlag.ManagedObjects(ctx, args) 103 } 104 105 var refs []types.ManagedObjectReference 106 107 for _, arg := range args { 108 var ref types.ManagedObjectReference 109 if ref.FromString(arg) { 110 refs = append(refs, ref) 111 } else { 112 return nil, fmt.Errorf("invalid moref: %s", arg) 113 } 114 } 115 116 return refs, nil 117 } 118 119 func (l *List) Write(w io.Writer) error { 120 ctx := context.Background() 121 finder, err := l.f.Finder() 122 if err != nil { 123 return err 124 } 125 126 refs := make(map[types.ManagedObjectReference]string) 127 128 tw := tabwriter.NewWriter(w, 2, 0, 2, ' ', 0) 129 130 fmt.Fprintf(tw, "%s\t%s\t%s\t%s\n", "Role", "Entity", "Principal", "Propagate") 131 132 for _, perm := range l.Permissions { 133 propagate := "No" 134 if perm.Propagate { 135 propagate = "Yes" 136 } 137 138 name := l.Roles.ById(perm.RoleId).Name 139 140 p := "-" 141 if perm.Entity != nil { 142 if l.f.asRef { 143 p = perm.Entity.String() 144 } else { 145 // convert moref to inventory path 146 if p = refs[*perm.Entity]; p == "" { 147 e, err := finder.Element(ctx, *perm.Entity) 148 if err == nil { 149 p = e.Path 150 } 151 152 refs[*perm.Entity] = p 153 } 154 } 155 } 156 157 fmt.Fprintf(tw, "%s\t%s\t%s\t%s\n", name, p, perm.Principal, propagate) 158 } 159 160 return tw.Flush() 161 } 162 163 func (l *List) Add(perms []types.Permission) { 164 l.Permissions = append(l.Permissions, perms...) 165 }