// Source: github.com/vmware/govmomi@v0.51.0/cli/sso/user/create.go

// © Broadcom. All Rights Reserved.
// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
// SPDX-License-Identifier: Apache-2.0

package user

import (
	"context"
	"encoding/base64"
	"encoding/pem"
	"flag"

	"github.com/vmware/govmomi/cli"
	"github.com/vmware/govmomi/cli/flags"
	"github.com/vmware/govmomi/cli/sso"
	"github.com/vmware/govmomi/ssoadmin"
	"github.com/vmware/govmomi/ssoadmin/types"
)

// userDetails carries the flag state that describes an SSO user: the person
// details, an optional password (person users) and the solution-user
// certificate, role and ActAsUser settings. It is embedded by create.
type userDetails struct {
	*flags.ClientFlag

	types.AdminPersonDetails
	password string
	solution types.AdminSolutionDetails
	actas    *bool // nil when -A was not given
	role     string
}

// Usage returns the positional-argument synopsis: a single user NAME.
func (cmd *userDetails) Usage() string {
	return "NAME"
}

// Register installs the client flags and the user-detail flags on f.
func (cmd *userDetails) Register(ctx context.Context, f *flag.FlagSet) {
	cmd.ClientFlag, ctx = flags.NewClientFlag(ctx)
	cmd.ClientFlag.Register(ctx, f)

	// Person details.
	f.StringVar(&cmd.Description, "d", "", "User description")
	f.StringVar(&cmd.EmailAddress, "m", "", "Email address")
	f.StringVar(&cmd.FirstName, "f", "", "First name")
	f.StringVar(&cmd.LastName, "l", "", "Last name")

	// NOTE(review): -p takes the password as a command-line argument, so
	// process listings and shell history on the invoking host can record it.
	// This file offers no other way to supply it.
	f.StringVar(&cmd.password, "p", "", "Password")

	// Solution-user settings.
	f.StringVar(&cmd.solution.Certificate, "C", "", "Certificate for solution user")
	f.Var(flags.NewOptionalBool(&cmd.actas), "A", "ActAsUser role for solution user WSTrust")
	f.StringVar(&cmd.role, "R", "", "Role for solution user (RegularUser|Administrator)")
}

// Certificate returns the -C value in the form handed to the SSO admin API.
// When the value parses as PEM, the first block's bytes are returned as
// standard base64; otherwise the value is returned unchanged.
//
// NOTE(review): the PEM block type is not checked and any data after the first
// block is discarded, so a file whose first block is not a certificate (for
// example a key) is encoded and sent just the same. Non-PEM input is presumably
// expected to be base64 DER already; confirm against the ssoadmin API.
func (cmd *userDetails) Certificate() string {
	raw := cmd.solution.Certificate

	block, _ := pem.Decode([]byte(raw))
	if block == nil {
		return raw
	}
	return base64.StdEncoding.EncodeToString(block.Bytes)
}

// create implements the sso.user.create command.
type create struct {
	userDetails
}

func init() {
	cli.Register("sso.user.create", &create{})
}

// Description returns the command help text with usage examples.
func (cmd *create) Description() string {
	return `Create SSO users.

Examples:
  govc sso.user.create -C "$(cat cert.pem)" -A -R Administrator NAME # solution user
  govc sso.user.create -p password NAME # person user`
}

// Run creates the user named by the single positional argument.
//
// Without -C a person user is created and -p is required; with -C a solution
// user is created and -p must be absent. Any other combination, or a wrong
// argument count, yields flag.ErrHelp. -R and -A are applied only on the
// solution-user path; for a person user they are ignored without an error.
//
// The solution-user path is not atomic: the user is created first, then the
// role is set, then the WSTrust role is granted. If a later step fails, the
// earlier steps are not rolled back, so the user is left in place with only
// part of the requested configuration.
func (cmd *create) Run(ctx context.Context, f *flag.FlagSet) error {
	if f.NArg() != 1 {
		return flag.ErrHelp
	}
	name := f.Arg(0)

	isPerson := cmd.solution.Certificate == ""
	hasPassword := cmd.password != ""
	// A person user must have a password; a solution user must not.
	if isPerson != hasPassword {
		return flag.ErrHelp
	}

	return sso.WithClient(ctx, cmd.ClientFlag, func(c *ssoadmin.Client) error {
		if isPerson {
			return c.CreatePersonUser(ctx, name, cmd.AdminPersonDetails, cmd.password)
		}

		// Normalise the certificate and reuse -d as the solution description.
		// The embedded field is named in full because create.Description is
		// the help-text method.
		cmd.solution.Certificate = cmd.Certificate()
		cmd.solution.Description = cmd.AdminPersonDetails.Description

		if err := c.CreateSolutionUser(ctx, name, cmd.solution); err != nil {
			return err
		}

		principal := types.PrincipalId{Name: name, Domain: c.Domain}

		if cmd.role != "" {
			if _, err := c.SetRole(ctx, principal, cmd.role); err != nil {
				return err
			}
		}

		if cmd.actas == nil || !*cmd.actas {
			return nil
		}

		// NOTE(review): ActAsUser presumably lets this solution user obtain
		// tokens on behalf of other principals; grant it only where that
		// delegation is required. Confirm the scope against the SSO docs.
		_, err := c.GrantWSTrustRole(ctx, principal, types.RoleActAsUser)
		return err
	})
}