29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
# File 'lib/chef/knife/acl_bulk_add.rb', line 29
def run
member_type, member_name, object_type, regex, perms = name_args
object_name_matcher = /#{regex}/
if name_args.length != 5
show_usage
ui.fatal "You must specify the member type [client|group], member name, object type, object name REGEX and perms"
exit 1
end
unless %w{client group}.include?(member_type)
ui.fatal "ERROR: To enforce best practice, knife-acl can only add a client or a group to an ACL."
ui.fatal " See the knife-acl README for more information."
exit 1
end
validate_perm_type!(perms)
validate_member_name!(member_name)
validate_object_type!(object_type)
validate_member_exists!(member_type, member_name)
if %w{containers groups}.include?(object_type)
ui.fatal "bulk modifying the ACL of #{object_type} is not permitted"
exit 1
end
objects_to_modify = []
all_objects = rest.get_rest(object_type)
objects_to_modify = all_objects.keys.select { |object_name| object_name =~ object_name_matcher }
if objects_to_modify.empty?
ui.info "No #{object_type} match the expression /#{regex}/"
exit 0
end
ui.msg("The ACL of the following #{object_type} will be modified:")
ui.msg("")
ui.msg(ui.list(objects_to_modify.sort, :columns_down))
ui.msg("")
ui.confirm("Are you sure you want to modify the ACL of these #{object_type}?")
objects_to_modify.each do |object_name|
add_to_acl!(member_type, member_name, object_type, object_name, perms)
end
end
|