mirror of https://github.com/databricks/cli.git
173 lines
4.3 KiB
Go
Executable File
173 lines
4.3 KiB
Go
Executable File
// Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT.
|
|
|
|
package access_control
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/databricks/cli/cmd/root"
|
|
"github.com/databricks/cli/libs/cmdio"
|
|
"github.com/databricks/cli/libs/flags"
|
|
"github.com/databricks/databricks-sdk-go/service/iam"
|
|
"github.com/spf13/cobra"
|
|
)
|
|
|
|
var Cmd = &cobra.Command{
|
|
Use: "access-control",
|
|
Short: `These APIs manage access rules on resources in an account.`,
|
|
Long: `These APIs manage access rules on resources in an account. Currently, only
|
|
grant rules are supported. A grant rule specifies a role assigned to a set of
|
|
principals. A list of rules attached to a resource is called a rule set.`,
|
|
}
|
|
|
|
// start get command
|
|
|
|
var getReq iam.GetAccountAccessControlRequest
|
|
var getJson flags.JsonFlag
|
|
|
|
func init() {
|
|
Cmd.AddCommand(getCmd)
|
|
// TODO: short flags
|
|
getCmd.Flags().Var(&getJson, "json", `either inline JSON string or @path/to/file.json with request body`)
|
|
|
|
}
|
|
|
|
var getCmd = &cobra.Command{
|
|
Use: "get NAME ETAG",
|
|
Short: `Get a rule set.`,
|
|
Long: `Get a rule set.
|
|
|
|
Get a rule set by its name. A rule set is always attached to a resource and
|
|
contains a list of access rules on the said resource. Currently only a default
|
|
rule set for each resource is supported.`,
|
|
|
|
Annotations: map[string]string{},
|
|
Args: func(cmd *cobra.Command, args []string) error {
|
|
check := cobra.ExactArgs(2)
|
|
if cmd.Flags().Changed("json") {
|
|
check = cobra.ExactArgs(0)
|
|
}
|
|
return check(cmd, args)
|
|
},
|
|
PreRunE: root.MustAccountClient,
|
|
RunE: func(cmd *cobra.Command, args []string) (err error) {
|
|
ctx := cmd.Context()
|
|
a := root.AccountClient(ctx)
|
|
if cmd.Flags().Changed("json") {
|
|
err = getJson.Unmarshal(&getReq)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
} else {
|
|
getReq.Name = args[0]
|
|
getReq.Etag = args[1]
|
|
}
|
|
|
|
response, err := a.AccessControl.Get(ctx, getReq)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return cmdio.Render(ctx, response)
|
|
},
|
|
}
|
|
|
|
// start list command
|
|
|
|
var listReq iam.ListAccountAccessControlRequest
|
|
var listJson flags.JsonFlag
|
|
|
|
func init() {
|
|
Cmd.AddCommand(listCmd)
|
|
// TODO: short flags
|
|
listCmd.Flags().Var(&listJson, "json", `either inline JSON string or @path/to/file.json with request body`)
|
|
|
|
}
|
|
|
|
var listCmd = &cobra.Command{
|
|
Use: "list NAME",
|
|
Short: `List assignable roles on a resource.`,
|
|
Long: `List assignable roles on a resource.
|
|
|
|
Gets all the roles that can be granted on an account level resource. A role is
|
|
grantable if the rule set on the resource can contain an access rule of the
|
|
role.`,
|
|
|
|
Annotations: map[string]string{},
|
|
Args: func(cmd *cobra.Command, args []string) error {
|
|
check := cobra.ExactArgs(1)
|
|
if cmd.Flags().Changed("json") {
|
|
check = cobra.ExactArgs(0)
|
|
}
|
|
return check(cmd, args)
|
|
},
|
|
PreRunE: root.MustAccountClient,
|
|
RunE: func(cmd *cobra.Command, args []string) (err error) {
|
|
ctx := cmd.Context()
|
|
a := root.AccountClient(ctx)
|
|
if cmd.Flags().Changed("json") {
|
|
err = listJson.Unmarshal(&listReq)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
} else {
|
|
listReq.Name = args[0]
|
|
}
|
|
|
|
response, err := a.AccessControl.List(ctx, listReq)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return cmdio.Render(ctx, response)
|
|
},
|
|
}
|
|
|
|
// start update command
|
|
|
|
var updateReq iam.UpdateRuleSetRequest
|
|
var updateJson flags.JsonFlag
|
|
|
|
func init() {
|
|
Cmd.AddCommand(updateCmd)
|
|
// TODO: short flags
|
|
updateCmd.Flags().Var(&updateJson, "json", `either inline JSON string or @path/to/file.json with request body`)
|
|
|
|
}
|
|
|
|
var updateCmd = &cobra.Command{
|
|
Use: "update",
|
|
Short: `Update a rule set.`,
|
|
Long: `Update a rule set.
|
|
|
|
Replace the rules of a rule set. First, use get to read the current version of
|
|
the rule set before modifying it. This pattern helps prevent conflicts between
|
|
concurrent updates.`,
|
|
|
|
Annotations: map[string]string{},
|
|
PreRunE: root.MustAccountClient,
|
|
RunE: func(cmd *cobra.Command, args []string) (err error) {
|
|
ctx := cmd.Context()
|
|
a := root.AccountClient(ctx)
|
|
if cmd.Flags().Changed("json") {
|
|
err = updateJson.Unmarshal(&updateReq)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
} else {
|
|
updateReq.Name = args[0]
|
|
_, err = fmt.Sscan(args[1], &updateReq.RuleSet)
|
|
if err != nil {
|
|
return fmt.Errorf("invalid RULE_SET: %s", args[1])
|
|
}
|
|
updateReq.Etag = args[2]
|
|
}
|
|
|
|
response, err := a.AccessControl.Update(ctx, updateReq)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return cmdio.Render(ctx, response)
|
|
},
|
|
}
|
|
|
|
// end service AccountAccessControl
|