cli: oss refactors to support making the auth method CLI aware of namespace rules in enterprise (#7812)

2020-05-07 17:08:42 -05:00 · 2020-05-07 17:08:42 -05:00 · bf70ad1802
parent 2d657c3c0f
commit bf70ad1802
6 changed files with 90 additions and 21 deletions
--- a/command/acl/authmethod/create/authmethod_create.go
+++ b/command/acl/authmethod/create/authmethod_create.go
@ -42,6 +42,8 @@ type cmd struct {
 	format   string

 	testStdin io.Reader
+
+	enterpriseCmd
 }

 func (c *cmd) init() {
@ -124,6 +126,8 @@ func (c *cmd) init() {
 			"given to indicate that the config is available on stdin",
 	)

+	c.initEnterpriseFlags()
+
 	c.http = &flags.HTTPFlags{}
 	flags.Merge(c.flags, c.http.ClientFlags())
 	flags.Merge(c.flags, c.http.ServerFlags())
@ -162,6 +166,11 @@ func (c *cmd) Run(args []string) int {
 		newAuthMethod.MaxTokenTTL = c.maxTokenTTL
 	}

+	if err := c.enterprisePopulateAuthMethod(newAuthMethod); err != nil {
+		c.UI.Error(err.Error())
+		return 1
+	}
+
 	if c.config != "" {
 		if c.k8sHost != "" || c.k8sCACert != "" || c.k8sServiceAccountJWT != "" {
 			c.UI.Error(fmt.Sprintf("Cannot use command line arguments with '-config' flags"))
--- a/command/acl/authmethod/create/authmethod_create_oss.go
+++ b/command/acl/authmethod/create/authmethod_create_oss.go
@ -0,0 +1,14 @@
+// +build !consulent
+
+package authmethodcreate
+
+import "github.com/hashicorp/consul/api"
+
+type enterpriseCmd struct {
+}
+
+func (c *cmd) initEnterpriseFlags() {}
+
+func (c *cmd) enterprisePopulateAuthMethod(method *api.ACLAuthMethod) error {
+	return nil
+}
--- a/command/acl/authmethod/create/authmethod_create_test.go
+++ b/command/acl/authmethod/create/authmethod_create_test.go
@ -97,11 +97,12 @@ func TestAuthMethodCreateCommand(t *testing.T) {
 	})

 	t.Run("create testing", func(t *testing.T) {
+		name := getTestName(t)
 		args := []string{
 			"-http-addr=" + a.HTTPAddr(),
 			"-token=root",
 			"-type=testing",
-			"-name=test",
+			"-name", name,
 			"-description=desc",
 			"-display-name=display",
 		}
@ -113,9 +114,9 @@ func TestAuthMethodCreateCommand(t *testing.T) {
 		require.Equal(t, code, 0)
 		require.Empty(t, ui.ErrorWriter.String())

-		got := getTestMethod(t, client, "test")
+		got := getTestMethod(t, client, name)
 		expect := &api.ACLAuthMethod{
-			Name:        "test",
+			Name:        name,
 			Type:        "testing",
 			DisplayName: "display",
 			Description: "desc",
@ -124,11 +125,12 @@ func TestAuthMethodCreateCommand(t *testing.T) {
 	})

 	t.Run("create testing with max token ttl", func(t *testing.T) {
+		name := getTestName(t)
 		args := []string{
 			"-http-addr=" + a.HTTPAddr(),
 			"-token=root",
 			"-type=testing",
-			"-name=test",
+			"-name", name,
 			"-description=desc",
 			"-display-name=display",
 			"-max-token-ttl=5m",
@ -141,9 +143,9 @@ func TestAuthMethodCreateCommand(t *testing.T) {
 		require.Equal(t, code, 0, "err: "+ui.ErrorWriter.String())
 		require.Empty(t, ui.ErrorWriter.String())

-		got := getTestMethod(t, client, "test")
+		got := getTestMethod(t, client, name)
 		expect := &api.ACLAuthMethod{
-			Name:        "test",
+			Name:        name,
 			Type:        "testing",
 			DisplayName: "display",
 			Description: "desc",
@ -188,11 +190,12 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
 	})

 	t.Run("create testing", func(t *testing.T) {
+		name := getTestName(t)
 		args := []string{
 			"-http-addr=" + a.HTTPAddr(),
 			"-token=root",
 			"-type=testing",
-			"-name=test",
+			"-name", name,
 			"-description=desc",
 			"-display-name=display",
 			"-format=json",
@ -206,14 +209,14 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {

 		require.Equal(t, code, 0)
 		require.Empty(t, ui.ErrorWriter.String())
-		require.Contains(t, out, "test")
+		require.Contains(t, out, name)

 		var jsonOutput json.RawMessage
 		require.NoError(t, json.Unmarshal([]byte(out), &jsonOutput))

-		got := getTestMethod(t, client, "test")
+		got := getTestMethod(t, client, name)
 		expect := &api.ACLAuthMethod{
-			Name:        "test",
+			Name:        name,
 			Type:        "testing",
 			DisplayName: "display",
 			Description: "desc",
@ -222,11 +225,12 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
 	})

 	t.Run("create testing with max token ttl", func(t *testing.T) {
+		name := getTestName(t)
 		args := []string{
 			"-http-addr=" + a.HTTPAddr(),
 			"-token=root",
 			"-type=testing",
-			"-name=test",
+			"-name", name,
 			"-description=desc",
 			"-display-name=display",
 			"-max-token-ttl=5m",
@ -241,11 +245,11 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {

 		require.Equal(t, code, 0)
 		require.Empty(t, ui.ErrorWriter.String())
-		require.Contains(t, out, "test")
+		require.Contains(t, out, name)

-		got := getTestMethod(t, client, "test")
+		got := getTestMethod(t, client, name)
 		expect := &api.ACLAuthMethod{
-			Name:        "test",
+			Name:        name,
 			Type:        "testing",
 			DisplayName: "display",
 			Description: "desc",
@ -260,7 +264,7 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
 		delete(raw, "Namespace")

 		require.Equal(t, map[string]interface{}{
-			"Name":        "test",
+			"Name":        name,
 			"Type":        "testing",
 			"DisplayName": "display",
 			"Description": "desc",
@ -444,6 +448,7 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
 	}

 	t.Run("config file", func(t *testing.T) {
+		name := getTestName(t)
 		configFile := filepath.Join(testDir, "config.json")
 		jsonConfig := `{"SessionID":"foo"}`
 		require.NoError(t, ioutil.WriteFile(configFile, []byte(jsonConfig), 0644))
@ -452,7 +457,7 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
 			"-http-addr=" + a.HTTPAddr(),
 			"-token=root",
 			"-type=testing",
-			"-name=test",
+			"-name", name,
 			"-config=@" + configFile,
 		}
 		ui := cli.NewMockUi()
@ -460,10 +465,11 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
 		code := cmd.Run(args)
 		require.Equal(t, 0, code)
 		require.Empty(t, ui.ErrorWriter.String())
-		checkMethod(t, "test")
+		checkMethod(t, name)
 	})

 	t.Run("config std-in", func(t *testing.T) {
+		name := getTestName(t)
 		stdinR, stdinW := io.Pipe()
 		ui := cli.NewMockUi()
 		cmd := New(ui)
@ -477,29 +483,30 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
 			"-http-addr=" + a.HTTPAddr(),
 			"-token=root",
 			"-type=testing",
-			"-name=test2",
+			"-name", name,
 			"-config=-",
 		}
 		code := cmd.Run(args)
 		require.Equal(t, 0, code)
 		require.Empty(t, ui.ErrorWriter.String())
-		checkMethod(t, "test2")
+		checkMethod(t, name)

 	})
 	t.Run("config string", func(t *testing.T) {
+		name := getTestName(t)
 		ui := cli.NewMockUi()
 		cmd := New(ui)
 		args := []string{
 			"-http-addr=" + a.HTTPAddr(),
 			"-token=root",
 			"-type=testing",
-			"-name=test3",
+			"-name", name,
 			"-config=" + `{"SessionID":"foo"}`,
 		}
 		code := cmd.Run(args)
 		require.Equal(t, 0, code)
 		require.Empty(t, ui.ErrorWriter.String())
-		checkMethod(t, "test3")
+		checkMethod(t, name)
 	})
 }

--- a/command/acl/authmethod/formatter.go
+++ b/command/acl/authmethod/formatter.go
@ -58,6 +58,16 @@ func (f *prettyFormatter) FormatAuthMethod(method *api.ACLAuthMethod) (string, e
 		buffer.WriteString(fmt.Sprintf("DisplayName:  %s\n", method.DisplayName))
 	}
 	buffer.WriteString(fmt.Sprintf("Description:  %s\n", method.Description))
+	if method.MaxTokenTTL > 0 {
+		buffer.WriteString(fmt.Sprintf("MaxTokenTTL:  %s\n", method.MaxTokenTTL))
+	}
+	if len(method.NamespaceRules) > 0 {
+		buffer.WriteString(fmt.Sprintln("NamespaceRules:"))
+		for _, rule := range method.NamespaceRules {
+			buffer.WriteString(fmt.Sprintf("   Selector:      %s\n", rule.Selector))
+			buffer.WriteString(fmt.Sprintf("   BindNamespace: %s\n", rule.BindNamespace))
+		}
+	}
 	if f.showMeta {
 		buffer.WriteString(fmt.Sprintf("Create Index: %d\n", method.CreateIndex))
 		buffer.WriteString(fmt.Sprintf("Modify Index: %d\n", method.ModifyIndex))
--- a/command/acl/authmethod/update/authmethod_update.go
+++ b/command/acl/authmethod/update/authmethod_update.go
@ -43,6 +43,8 @@ type cmd struct {
 	format   string

 	testStdin io.Reader
+
+	enterpriseCmd
 }

 func (c *cmd) init() {
@ -127,6 +129,9 @@ func (c *cmd) init() {
 		authmethod.PrettyFormat,
 		fmt.Sprintf("Output format {%s}", strings.Join(authmethod.GetSupportedFormats(), "|")),
 	)
+
+	c.initEnterpriseFlags()
+
 	c.http = &flags.HTTPFlags{}
 	flags.Merge(c.flags, c.http.ClientFlags())
 	flags.Merge(c.flags, c.http.ServerFlags())
@ -183,6 +188,11 @@ func (c *cmd) Run(args []string) int {
 			method.MaxTokenTTL = c.maxTokenTTL
 		}

+		if err := c.enterprisePopulateAuthMethod(method); err != nil {
+			c.UI.Error(err.Error())
+			return 1
+		}
+
 		if c.config != "" {
 			if c.k8sHost != "" || c.k8sCACert != "" || c.k8sServiceAccountJWT != "" {
 				c.UI.Error(fmt.Sprintf("Cannot use command line arguments with '-config' flag"))
@ -229,6 +239,10 @@ func (c *cmd) Run(args []string) int {
 		if c.maxTokenTTL > 0 {
 			method.MaxTokenTTL = c.maxTokenTTL
 		}
+		if err := c.enterprisePopulateAuthMethod(method); err != nil {
+			c.UI.Error(err.Error())
+			return 1
+		}
 		if c.config != "" {
 			if c.k8sHost != "" || c.k8sCACert != "" || c.k8sServiceAccountJWT != "" {
 				c.UI.Error(fmt.Sprintf("Cannot use command line arguments with '-config' flag"))
--- a/command/acl/authmethod/update/authmethod_update_oss.go
+++ b/command/acl/authmethod/update/authmethod_update_oss.go
@ -0,0 +1,15 @@
+// +build !consulent
+
+package authmethodupdate
+
+import "github.com/hashicorp/consul/api"
+
+type enterpriseCmd struct {
+}
+
+func (c *cmd) initEnterpriseFlags() {
+}
+
+func (c *cmd) enterprisePopulateAuthMethod(method *api.ACLAuthMethod) error {
+	return nil
+}