github.com/vmware/govmomi@v0.51.0/cli/permissions/permissions.go (about) 1 // © Broadcom. All Rights Reserved. 2 // The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. 3 // SPDX-License-Identifier: Apache-2.0 4 5 package permissions 6 7 import ( 8 "context" 9 "flag" 10 "fmt" 11 "io" 12 "text/tabwriter" 13 14 "github.com/vmware/govmomi/cli/flags" 15 "github.com/vmware/govmomi/object" 16 "github.com/vmware/govmomi/vim25/types" 17 ) 18 19 type List struct { 20 Roles object.AuthorizationRoleList `json:",omitempty"` 21 22 Permissions []types.Permission `json:",omitempty"` 23 24 f *PermissionFlag 25 } 26 27 type PermissionFlag struct { 28 *flags.DatacenterFlag 29 *flags.OutputFlag 30 31 asRef bool 32 33 m *object.AuthorizationManager 34 35 List 36 } 37 38 func NewPermissionFlag(ctx context.Context) (*PermissionFlag, context.Context) { 39 f := &PermissionFlag{} 40 f.List.f = f 41 f.DatacenterFlag, ctx = flags.NewDatacenterFlag(ctx) 42 f.OutputFlag, ctx = flags.NewOutputFlag(ctx) 43 return f, ctx 44 } 45 46 func (f *PermissionFlag) Register(ctx context.Context, fs *flag.FlagSet) { 47 f.DatacenterFlag.Register(ctx, fs) 48 f.OutputFlag.Register(ctx, fs) 49 50 fs.BoolVar(&f.asRef, "i", false, "Use moref instead of inventory path") 51 } 52 53 func (f *PermissionFlag) Process(ctx context.Context) error { 54 if err := f.DatacenterFlag.Process(ctx); err != nil { 55 return err 56 } 57 if err := f.OutputFlag.Process(ctx); err != nil { 58 return err 59 } 60 61 return nil 62 } 63 64 func (f *PermissionFlag) Manager(ctx context.Context) (*object.AuthorizationManager, error) { 65 if f.m != nil { 66 return f.m, nil 67 } 68 69 c, err := f.Client() 70 if err != nil { 71 return nil, err 72 } 73 74 f.m = object.NewAuthorizationManager(c) 75 f.Roles, err = f.m.RoleList(ctx) 76 77 return f.m, err 78 } 79 80 func (f *PermissionFlag) Role(name string) (*types.AuthorizationRole, error) { 81 role := f.Roles.ByName(name) 82 if role == nil { 83 return nil, fmt.Errorf("role %q not found", name) 84 } 85 return role, nil 86 } 87 88 func (f *PermissionFlag) ManagedObjects(ctx context.Context, args []string) ([]types.ManagedObjectReference, error) { 89 if !f.asRef { 90 return f.DatacenterFlag.ManagedObjects(ctx, args) 91 } 92 93 var refs []types.ManagedObjectReference 94 95 for _, arg := range args { 96 var ref types.ManagedObjectReference 97 if ref.FromString(arg) { 98 refs = append(refs, ref) 99 } else { 100 return nil, fmt.Errorf("invalid moref: %s", arg) 101 } 102 } 103 104 return refs, nil 105 } 106 107 func (l *List) Write(w io.Writer) error { 108 ctx := context.Background() 109 finder, err := l.f.Finder() 110 if err != nil { 111 return err 112 } 113 114 refs := make(map[types.ManagedObjectReference]string) 115 116 tw := tabwriter.NewWriter(w, 2, 0, 2, ' ', 0) 117 118 fmt.Fprintf(tw, "%s\t%s\t%s\t%s\n", "Role", "Entity", "Principal", "Propagate") 119 120 for _, perm := range l.Permissions { 121 propagate := "No" 122 if perm.Propagate { 123 propagate = "Yes" 124 } 125 126 name := l.Roles.ById(perm.RoleId).Name 127 128 p := "-" 129 if perm.Entity != nil { 130 if l.f.asRef { 131 p = perm.Entity.String() 132 } else { 133 // convert moref to inventory path 134 if p = refs[*perm.Entity]; p == "" { 135 e, err := finder.Element(ctx, *perm.Entity) 136 if err == nil { 137 p = e.Path 138 } 139 140 refs[*perm.Entity] = p 141 } 142 } 143 } 144 145 fmt.Fprintf(tw, "%s\t%s\t%s\t%s\n", name, p, perm.Principal, propagate) 146 } 147 148 return tw.Flush() 149 } 150 151 func (l *List) Add(perms []types.Permission) { 152 l.Permissions = append(l.Permissions, perms...) 153 }