// Source: github.com/vmware/govmomi@v0.43.0/govc/sso/user/create.go

/*
Copyright (c) 2018 VMware, Inc. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package user

import (
	"context"
	"encoding/base64"
	"encoding/pem"
	"flag"

	"github.com/vmware/govmomi/govc/cli"
	"github.com/vmware/govmomi/govc/flags"
	"github.com/vmware/govmomi/govc/sso"
	"github.com/vmware/govmomi/ssoadmin"
	"github.com/vmware/govmomi/ssoadmin/types"
)

// userDetails collects the flag values that describe an SSO user: the
// embedded person details plus the fields that only apply to solution users.
type userDetails struct {
	*flags.ClientFlag

	types.AdminPersonDetails
	password string                     // -p; required for person users, rejected for solution users
	solution types.AdminSolutionDetails // -C populates Certificate
	actas    *bool                      // -A; Run treats nil the same as false
	role     string                     // -R; handed to SetRole without local validation
}

// Usage returns the positional-argument synopsis for the command.
func (cmd *userDetails) Usage() string {
	return "NAME"
}

// Register wires the client flags and the user-detail flags into f.
//
// Security note: the value given to -p is part of the process arguments, so
// it can show up in shell history and in process listings visible to other
// local accounts. Treat any password supplied this way as exposed to the
// host it was typed on.
func (cmd *userDetails) Register(ctx context.Context, f *flag.FlagSet) {
	cmd.ClientFlag, ctx = flags.NewClientFlag(ctx)
	cmd.ClientFlag.Register(ctx, f)

	// Plain string flags, registered in the same order as before.
	stringFlags := []struct {
		dst   *string
		name  string
		usage string
	}{
		{&cmd.Description, "d", "User description"},
		{&cmd.EmailAddress, "m", "Email address"},
		{&cmd.FirstName, "f", "First name"},
		{&cmd.LastName, "l", "Last name"},
		{&cmd.password, "p", "Password"},
		{&cmd.solution.Certificate, "C", "Certificate for solution user"},
	}
	for _, sf := range stringFlags {
		f.StringVar(sf.dst, sf.name, "", sf.usage)
	}

	f.Var(flags.NewOptionalBool(&cmd.actas), "A", "ActAsUser role for solution user WSTrust")
	f.StringVar(&cmd.role, "R", "", "Role for solution user (RegularUser|Administrator)")
}

// Certificate returns the -C value in the form sent to the server.
//
// When the value parses as PEM, the bytes of the first block are returned
// base64-encoded (standard alphabet); any data after that block is ignored.
// When it does not parse as PEM, the value is returned unchanged.
//
// NOTE(review): the PEM block type is not inspected, so a block of any type
// is encoded and later sent as the certificate. Callers should make sure the
// file passed to -C really is a certificate and not other key material.
func (cmd *userDetails) Certificate() string {
	raw := cmd.solution.Certificate

	block, _ := pem.Decode([]byte(raw))
	if block == nil {
		// Not PEM: pass the value through as given.
		return raw
	}
	return base64.StdEncoding.EncodeToString(block.Bytes)
}

// create implements the sso.user.create command.
type create struct {
	userDetails
}

func init() {
	cli.Register("sso.user.create", &create{})
}

// Description returns the help text for sso.user.create.
//
// The person-user example passes the password with -p; see the note on
// Register about command-line exposure of that value.
func (cmd *create) Description() string {
	return `Create SSO users.

Examples:
  govc sso.user.create -C "$(cat cert.pem)" -A -R Administrator NAME # solution user
  govc sso.user.create -p password NAME # person user`
}

// Run creates the user named by the single positional argument.
//
// A user is a person user when -C is empty and a solution user otherwise.
// Person users require -p; solution users must not be given -p. Any other
// combination, or a wrong argument count, returns flag.ErrHelp.
//
// For person users the -R and -A flags are not consulted. For solution users
// only Description is copied from the person details.
//
// Solution-user creation is not atomic: the user is created first, then the
// role (-R) and the ActAsUser WSTrust role (-A) are applied. If either of
// those later calls fails, the error is returned and the already created
// solution user is left in place, so operators should review or remove it
// rather than assume nothing was created.
func (cmd *create) Run(ctx context.Context, f *flag.FlagSet) error {
	if f.NArg() != 1 {
		return flag.ErrHelp
	}
	name := f.Arg(0)

	isPerson := cmd.solution.Certificate == ""
	hasPassword := cmd.password != ""
	// Person users need a password; solution users must not have one.
	if isPerson != hasPassword {
		return flag.ErrHelp
	}

	return sso.WithClient(ctx, cmd.ClientFlag, func(c *ssoadmin.Client) error {
		if isPerson {
			return c.CreatePersonUser(ctx, name, cmd.AdminPersonDetails, cmd.password)
		}

		// Normalise the certificate before it is sent, and reuse the -d text.
		cmd.solution.Certificate = cmd.Certificate()
		cmd.solution.Description = cmd.AdminPersonDetails.Description

		err := c.CreateSolutionUser(ctx, name, cmd.solution)
		if err != nil {
			return err
		}

		principal := types.PrincipalId{Name: name, Domain: c.Domain}

		// The role string is passed through as given; no check is made here
		// against the values listed in the -R help text.
		if cmd.role != "" {
			_, err = c.SetRole(ctx, principal, cmd.role)
			if err != nil {
				return err
			}
		}

		// ActAsUser is only granted when -A was given and is true.
		if grant := cmd.actas; grant != nil && *grant {
			_, err = c.GrantWSTrustRole(ctx, principal, types.RoleActAsUser)
			if err != nil {
				return err
			}
		}

		return nil
	})
}