Sha256: f389d129c7f0f153d0ab2ab983dd0e721e8cdb528c0e11780521a4bcd6ec3511
Contents?: true
Size: 1.79 KB
Versions: 6
Compression:
Stored size: 1.79 KB
Contents
require 'conjur/authn'
require 'conjur/command'
class Conjur::Command::Roles < Conjur::Command
self.prefix = :role
desc "Create a new role"
arg_name "role"
command :create do |c|
acting_as_option(c)
c.action do |global_options,options,args|
id = require_arg(args, 'role')
role = api.role(id)
role.create(options)
end
end
desc "Determines whether a role exists"
arg_name "role"
command :exists do |c|
c.action do |global_options,options,args|
id = require_arg(args, 'role')
role = api.role(id)
puts role.exists?
end
end
desc "Lists role memberships"
arg_name "role"
command :memberships do |c|
c.action do |global_options,options,args|
role = args.shift || api.user(api.username).roleid
display api.role(role).all.map(&:roleid)
end
end
desc "Lists all members of the role"
arg_name "role"
command :members do |c|
c.action do |global_options,options,args|
role = args.shift || api.user(api.username).roleid
display api.role(role).members.map(&:member).map(&:roleid)
end
end
desc "Grant a role to another role. You must have admin permission on the granting role."
arg_name "role member"
command :grant_to do |c|
c.desc "Whether to grant with admin option"
c.switch :admin
c.action do |global_options,options,args|
id = require_arg(args, 'role')
member = require_arg(args, 'member')
role = api.role(id)
role.grant_to member, options[:admin]
end
end
desc "Revoke a role from another role."
arg_name "role member"
command :revoke_from do |c|
c.action do |global_options,options,args|
id = require_arg(args, 'role')
member = require_arg(args, 'member')
role = api.role(id)
role.revoke_from member
end
end
end
Version data entries
6 entries across 6 versions & 1 rubygems