forked from kopia/kopia
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcommand_acl_add.go
More file actions
53 lines (42 loc) · 1.42 KB
/
Copy pathcommand_acl_add.go
File metadata and controls
53 lines (42 loc) · 1.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
package cli
import (
"context"
"strings"
"github.com/pkg/errors"
"github.com/kopia/kopia/internal/acl"
"github.com/kopia/kopia/repo"
)
type commandACLAdd struct {
user string
target string
level string
overwrite bool
}
func (c *commandACLAdd) setup(svc appServices, parent commandParent) {
cmd := parent.Command("add", "Add ACL entry")
cmd.Flag("user", "User the ACL targets").Required().StringVar(&c.user)
cmd.Flag("target", "Manifests targeted by the rule (type:T,key1:value1,...,keyN:valueN)").Required().StringVar(&c.target)
cmd.Flag("access", "Access the user gets to subject").Required().EnumVar(&c.level, acl.SupportedAccessLevels()...)
cmd.Flag("overwrite", "Overwrite existing rule with the same user and target").BoolVar(&c.overwrite)
cmd.Action(svc.repositoryWriterAction(c.run))
}
func (c *commandACLAdd) run(ctx context.Context, rep repo.RepositoryWriter) error {
r := acl.TargetRule{}
for v := range strings.SplitSeq(c.target, ",") {
parts := strings.SplitN(v, "=", 2) //nolint:mnd
if len(parts) != 2 { //nolint:mnd
return errors.Errorf("invalid target labels %q, must be key=value", v)
}
r[parts[0]] = parts[1]
}
al, err := acl.ParseAccessLevel(c.level)
if err != nil {
return errors.Wrap(err, "invalid access level")
}
e := &acl.Entry{
User: c.user,
Target: r,
Access: al,
}
return errors.Wrap(acl.AddACL(ctx, rep, e, c.overwrite), "error adding ACL entry")
}