// Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT. package access_control import ( "fmt" "github.com/databricks/cli/cmd/root" "github.com/databricks/cli/libs/cmdio" "github.com/databricks/cli/libs/flags" "github.com/databricks/databricks-sdk-go/service/iam" "github.com/spf13/cobra" ) var Cmd = &cobra.Command{ Use: "access-control", Short: `These APIs manage access rules on resources in an account.`, Long: `These APIs manage access rules on resources in an account. Currently, only grant rules are supported. A grant rule specifies a role assigned to a set of principals. A list of rules attached to a resource is called a rule set.`, } // start get command var getReq iam.GetAccountAccessControlRequest var getJson flags.JsonFlag func init() { Cmd.AddCommand(getCmd) // TODO: short flags getCmd.Flags().Var(&getJson, "json", `either inline JSON string or @path/to/file.json with request body`) } var getCmd = &cobra.Command{ Use: "get NAME ETAG", Short: `Get a rule set.`, Long: `Get a rule set. Get a rule set by its name. A rule set is always attached to a resource and contains a list of access rules on the said resource. Currently only a default rule set for each resource is supported.`, Annotations: map[string]string{}, Args: func(cmd *cobra.Command, args []string) error { check := cobra.ExactArgs(2) if cmd.Flags().Changed("json") { check = cobra.ExactArgs(0) } return check(cmd, args) }, PreRunE: root.MustAccountClient, RunE: func(cmd *cobra.Command, args []string) (err error) { ctx := cmd.Context() a := root.AccountClient(ctx) if cmd.Flags().Changed("json") { err = getJson.Unmarshal(&getReq) if err != nil { return err } } else { getReq.Name = args[0] getReq.Etag = args[1] } response, err := a.AccessControl.Get(ctx, getReq) if err != nil { return err } return cmdio.Render(ctx, response) }, } // start list command var listReq iam.ListAccountAccessControlRequest var listJson flags.JsonFlag func init() { Cmd.AddCommand(listCmd) // TODO: short flags listCmd.Flags().Var(&listJson, "json", `either inline JSON string or @path/to/file.json with request body`) } var listCmd = &cobra.Command{ Use: "list NAME", Short: `List assignable roles on a resource.`, Long: `List assignable roles on a resource. Gets all the roles that can be granted on an account level resource. A role is grantable if the rule set on the resource can contain an access rule of the role.`, Annotations: map[string]string{}, Args: func(cmd *cobra.Command, args []string) error { check := cobra.ExactArgs(1) if cmd.Flags().Changed("json") { check = cobra.ExactArgs(0) } return check(cmd, args) }, PreRunE: root.MustAccountClient, RunE: func(cmd *cobra.Command, args []string) (err error) { ctx := cmd.Context() a := root.AccountClient(ctx) if cmd.Flags().Changed("json") { err = listJson.Unmarshal(&listReq) if err != nil { return err } } else { listReq.Name = args[0] } response, err := a.AccessControl.List(ctx, listReq) if err != nil { return err } return cmdio.Render(ctx, response) }, } // start update command var updateReq iam.UpdateRuleSetRequest var updateJson flags.JsonFlag func init() { Cmd.AddCommand(updateCmd) // TODO: short flags updateCmd.Flags().Var(&updateJson, "json", `either inline JSON string or @path/to/file.json with request body`) } var updateCmd = &cobra.Command{ Use: "update", Short: `Update a rule set.`, Long: `Update a rule set. Replace the rules of a rule set. First, use get to read the current version of the rule set before modifying it. This pattern helps prevent conflicts between concurrent updates.`, Annotations: map[string]string{}, PreRunE: root.MustAccountClient, RunE: func(cmd *cobra.Command, args []string) (err error) { ctx := cmd.Context() a := root.AccountClient(ctx) if cmd.Flags().Changed("json") { err = updateJson.Unmarshal(&updateReq) if err != nil { return err } } else { updateReq.Name = args[0] _, err = fmt.Sscan(args[1], &updateReq.RuleSet) if err != nil { return fmt.Errorf("invalid RULE_SET: %s", args[1]) } updateReq.Etag = args[2] } response, err := a.AccessControl.Update(ctx, updateReq) if err != nil { return err } return cmdio.Render(ctx, response) }, } // end service AccountAccessControl