databricks-cli/cmd/account/access-control/access-control.go

173 lines
4.3 KiB
Go
Executable File

// Code generated from OpenAPI specs by Databricks SDK Generator. DO NOT EDIT.
package access_control
import (
"fmt"
"github.com/databricks/cli/cmd/root"
"github.com/databricks/cli/libs/cmdio"
"github.com/databricks/cli/libs/flags"
"github.com/databricks/databricks-sdk-go/service/iam"
"github.com/spf13/cobra"
)
var Cmd = &cobra.Command{
Use: "access-control",
Short: `These APIs manage access rules on resources in an account.`,
Long: `These APIs manage access rules on resources in an account. Currently, only
grant rules are supported. A grant rule specifies a role assigned to a set of
principals. A list of rules attached to a resource is called a rule set.`,
}
// start get command
var getReq iam.GetAccountAccessControlRequest
var getJson flags.JsonFlag
func init() {
Cmd.AddCommand(getCmd)
// TODO: short flags
getCmd.Flags().Var(&getJson, "json", `either inline JSON string or @path/to/file.json with request body`)
}
var getCmd = &cobra.Command{
Use: "get NAME ETAG",
Short: `Get a rule set.`,
Long: `Get a rule set.
Get a rule set by its name. A rule set is always attached to a resource and
contains a list of access rules on the said resource. Currently only a default
rule set for each resource is supported.`,
Annotations: map[string]string{},
Args: func(cmd *cobra.Command, args []string) error {
check := cobra.ExactArgs(2)
if cmd.Flags().Changed("json") {
check = cobra.ExactArgs(0)
}
return check(cmd, args)
},
PreRunE: root.MustAccountClient,
RunE: func(cmd *cobra.Command, args []string) (err error) {
ctx := cmd.Context()
a := root.AccountClient(ctx)
if cmd.Flags().Changed("json") {
err = getJson.Unmarshal(&getReq)
if err != nil {
return err
}
} else {
getReq.Name = args[0]
getReq.Etag = args[1]
}
response, err := a.AccessControl.Get(ctx, getReq)
if err != nil {
return err
}
return cmdio.Render(ctx, response)
},
}
// start list command
var listReq iam.ListAccountAccessControlRequest
var listJson flags.JsonFlag
func init() {
Cmd.AddCommand(listCmd)
// TODO: short flags
listCmd.Flags().Var(&listJson, "json", `either inline JSON string or @path/to/file.json with request body`)
}
var listCmd = &cobra.Command{
Use: "list NAME",
Short: `List assignable roles on a resource.`,
Long: `List assignable roles on a resource.
Gets all the roles that can be granted on an account level resource. A role is
grantable if the rule set on the resource can contain an access rule of the
role.`,
Annotations: map[string]string{},
Args: func(cmd *cobra.Command, args []string) error {
check := cobra.ExactArgs(1)
if cmd.Flags().Changed("json") {
check = cobra.ExactArgs(0)
}
return check(cmd, args)
},
PreRunE: root.MustAccountClient,
RunE: func(cmd *cobra.Command, args []string) (err error) {
ctx := cmd.Context()
a := root.AccountClient(ctx)
if cmd.Flags().Changed("json") {
err = listJson.Unmarshal(&listReq)
if err != nil {
return err
}
} else {
listReq.Name = args[0]
}
response, err := a.AccessControl.List(ctx, listReq)
if err != nil {
return err
}
return cmdio.Render(ctx, response)
},
}
// start update command
var updateReq iam.UpdateRuleSetRequest
var updateJson flags.JsonFlag
func init() {
Cmd.AddCommand(updateCmd)
// TODO: short flags
updateCmd.Flags().Var(&updateJson, "json", `either inline JSON string or @path/to/file.json with request body`)
}
var updateCmd = &cobra.Command{
Use: "update",
Short: `Update a rule set.`,
Long: `Update a rule set.
Replace the rules of a rule set. First, use get to read the current version of
the rule set before modifying it. This pattern helps prevent conflicts between
concurrent updates.`,
Annotations: map[string]string{},
PreRunE: root.MustAccountClient,
RunE: func(cmd *cobra.Command, args []string) (err error) {
ctx := cmd.Context()
a := root.AccountClient(ctx)
if cmd.Flags().Changed("json") {
err = updateJson.Unmarshal(&updateReq)
if err != nil {
return err
}
} else {
updateReq.Name = args[0]
_, err = fmt.Sscan(args[1], &updateReq.RuleSet)
if err != nil {
return fmt.Errorf("invalid RULE_SET: %s", args[1])
}
updateReq.Etag = args[2]
}
response, err := a.AccessControl.Update(ctx, updateReq)
if err != nil {
return err
}
return cmdio.Render(ctx, response)
},
}
// end service AccountAccessControl