etcdctl: a flag for getting detailed information of a user

This commit adds a new flag --detail to etcdctl user get command. The flag enables printing the detailed permission information of the user like below example: $ ETCDCTL_API=3 bin/etcdctl --user root:p user get u1 User: u1 Roles: r1 r2 $ ETCDCTL_API=3 bin/etcdctl --user root:p user get u1 --detail User: u1 Role r1 KV Read: [k1, k5) KV Write: [k1, k5) Role r2 KV Read: a b [k8, k9) KV Write: a b [k8, k9)
2024-09-27 06:25:44 +00:00 · 2016-06-21 16:35:59 +09:00 · 2016-06-21 16:35:59 +09:00 · 0e7690780f
commit 0e7690780f
parent d017814eaa
2 changed files with 43 additions and 19 deletions
--- a/etcdctl/ctlv3/command/role_command.go
+++ b/etcdctl/ctlv3/command/role_command.go
@ -115,18 +115,7 @@ func roleDeleteCommandFunc(cmd *cobra.Command, args []string) {
 	fmt.Printf("Role %s deleted\n", args[0])
 }

-// roleGetCommandFunc executes the "role get" command.
-func roleGetCommandFunc(cmd *cobra.Command, args []string) {
-	if len(args) != 1 {
-		ExitWithError(ExitBadArgs, fmt.Errorf("role get command requires role name as its argument."))
-	}
-
-	name := args[0]
-	resp, err := mustClientFromCmd(cmd).Auth.RoleGet(context.TODO(), name)
-	if err != nil {
-		ExitWithError(ExitError, err)
-	}
-
+func printRolePermissions(name string, resp *clientv3.AuthRoleGetResponse) {
 	fmt.Printf("Role %s\n", name)
 	fmt.Println("KV Read:")
 	for _, perm := range resp.Perm {
@ -150,6 +139,21 @@ func roleGetCommandFunc(cmd *cobra.Command, args []string) {
 	}
 }

+// roleGetCommandFunc executes the "role get" command.
+func roleGetCommandFunc(cmd *cobra.Command, args []string) {
+	if len(args) != 1 {
+		ExitWithError(ExitBadArgs, fmt.Errorf("role get command requires role name as its argument."))
+	}
+
+	name := args[0]
+	resp, err := mustClientFromCmd(cmd).Auth.RoleGet(context.TODO(), name)
+	if err != nil {
+		ExitWithError(ExitError, err)
+	}
+
+	printRolePermissions(name, resp)
+}
+
 // roleListCommandFunc executes the "role list" command.
 func roleListCommandFunc(cmd *cobra.Command, args []string) {
 	if len(args) != 0 {
--- a/etcdctl/ctlv3/command/user_command.go
+++ b/etcdctl/ctlv3/command/user_command.go
@ -23,6 +23,10 @@ import (
 	"golang.org/x/net/context"
 )

+var (
+	userShowDetail bool
+)
+
 // NewUserCommand returns the cobra command for "user".
 func NewUserCommand() *cobra.Command {
 	ac := &cobra.Command{
@ -66,12 +70,15 @@ func newUserDeleteCommand() *cobra.Command {
 }

 func newUserGetCommand() *cobra.Command {
-	// TODO(mitake): this command should also get detailed information of roles of the user
-	return &cobra.Command{
+	cmd := cobra.Command{
 		Use:   "get <user name>",
 		Short: "get detailed information of a user",
 		Run:   userGetCommandFunc,
 	}
+
+	cmd.Flags().BoolVar(&userShowDetail, "detail", false, "show permissions of roles granted to the user")
+
+	return &cmd
 }

 func newUserListCommand() *cobra.Command {
@ -153,17 +160,30 @@ func userGetCommandFunc(cmd *cobra.Command, args []string) {
 	}

 	name := args[0]
-	resp, err := mustClientFromCmd(cmd).Auth.UserGet(context.TODO(), name)
+	client := mustClientFromCmd(cmd)
+	resp, err := client.Auth.UserGet(context.TODO(), name)
 	if err != nil {
 		ExitWithError(ExitError, err)
 	}

 	fmt.Printf("User: %s\n", name)
-	fmt.Printf("Roles:")
-	for _, role := range resp.Roles {
-		fmt.Printf(" %s", role)
+	if !userShowDetail {
+		fmt.Printf("Roles:")
+		for _, role := range resp.Roles {
+			fmt.Printf(" %s", role)
+		}
+		fmt.Printf("\n")
+	} else {
+		for _, role := range resp.Roles {
+			fmt.Printf("\n")
+			roleResp, err := client.Auth.RoleGet(context.TODO(), role)
+			if err != nil {
+				ExitWithError(ExitError, err)
+			}
+
+			printRolePermissions(role, roleResp)
+		}
 	}
-	fmt.Printf("\n")
 }

 // userListCommandFunc executes the "user list" command.