ruby-knife-acl 1.0.3-1 / usr / lib / ruby / vendor_ruby / chef / knife / acl_bulk_add.rb

This file is indexed.

/usr/lib/ruby/vendor_ruby/chef/knife/acl_bulk_add.rb is in ruby-knife-acl 1.0.3-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#
# Author:: Jeremiah Snapp (jeremiah@chef.io)
# Copyright:: Copyright 2011-2016 Chef Software, Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

module OpscodeAcl
  class AclBulkAdd < Chef::Knife
    category "OPSCODE HOSTED CHEF ACCESS CONTROL"
    banner "knife acl bulk add MEMBER_TYPE MEMBER_NAME OBJECT_TYPE REGEX PERMS"

    deps do
      require 'chef/knife/acl_base'
      include OpscodeAcl::AclBase
    end

    def run
      member_type, member_name, object_type, regex, perms = name_args
      object_name_matcher = /#{regex}/

      if name_args.length != 5
        show_usage
        ui.fatal "You must specify the member type [client|group], member name, object type, object name REGEX and perms"
        exit 1
      end

      unless %w(client group).include?(member_type)
        ui.fatal "ERROR: To enforce best practice, knife-acl can only add a client or a group to an ACL."
        ui.fatal "       See the knife-acl README for more information."
        exit 1
      end
      validate_perm_type!(perms)
      validate_member_name!(member_name)
      validate_object_type!(object_type)
      validate_member_exists!(member_type, member_name)

      if %w(containers groups).include?(object_type)
        ui.fatal "bulk modifying the ACL of #{object_type} is not permitted"
        exit 1
      end

      objects_to_modify = []
      all_objects = rest.get_rest(object_type)
      objects_to_modify = all_objects.keys.select { |object_name| object_name =~ object_name_matcher }

      if objects_to_modify.empty?
        ui.info "No #{object_type} match the expression /#{regex}/"
        exit 0
      end

      ui.msg("The ACL of the following #{object_type} will be modified:")
      ui.msg("")
      ui.msg(ui.list(objects_to_modify.sort, :columns_down))
      ui.msg("")
      ui.confirm("Are you sure you want to modify the ACL of these #{object_type}?")

      objects_to_modify.each do |object_name|
        add_to_acl!(member_type, member_name, object_type, object_name, perms)
      end
    end
  end
end

APT Browse - Built by Thomas Orozco.