From 5a5b68b8a92ca39b4ad68f2d765ad2361e723b31 Mon Sep 17 00:00:00 2001 From: Nam Hai Nguyen Date: Fri, 26 May 2023 09:59:44 +0000 Subject: [PATCH 1/2] Add API and command to assign Role to a Group for a given View --- api/groups.go | 22 +++++++++++++ api/roles.go | 29 ++++++++-------- api/views.go | 28 ++++++++++++++++ cmd/humioctl/views.go | 1 + cmd/humioctl/views_assign_role_group.go | 44 +++++++++++++++++++++++++ 5 files changed, 110 insertions(+), 14 deletions(-) create mode 100644 cmd/humioctl/views_assign_role_group.go diff --git a/api/groups.go b/api/groups.go index a10da4a..b89ca84 100644 --- a/api/groups.go +++ b/api/groups.go @@ -34,6 +34,28 @@ func (g *Groups) List() ([]Group, error) { return query.Page.Groups, nil } +func (g *Groups) Get(name string) (*Group, error) { + var query struct { + Result Group `graphql:"groupByDisplayName(displayName: $displayName)"` + } + + variables := map[string]interface{}{ + "displayName": graphql.String(name), + } + + err := g.client.Query(&query, variables) + if err != nil { + return nil, err + } + + group := Group{ + ID: query.Result.ID, + DisplayName: query.Result.DisplayName, + } + + return &group, nil +} + func (g *Groups) AddUserToGroup(groupID string, userID string) error { var mutation struct { AddUsersToGroup struct { diff --git a/api/roles.go b/api/roles.go index 8f487f3..41d6754 100644 --- a/api/roles.go +++ b/api/roles.go @@ -17,23 +17,24 @@ type Role struct { Description string `graphql:"description` ViewPermissions []string `graphql:"viewPermissions"` SystemPermissions []string `graphql:"systemPermissions` - OrgPermissions []string `graphql:"organizationPermissions` + OrganizationPermissions []string `graphql:"organizationPermissions` } func (c *Client) Roles() *Roles { return &Roles{client: c} } func (r *Roles) List() ([]Role, error) { var query struct { - Roles struct { - Roles []Role - } `graphql:"roles()"` + Roles []Role `graphql:"roles"` } err := r.client.Query(&query, nil) - + if err != nil { + return nil, err + } + var RolesList []Role if err == nil { - RolesList = query.Roles.Roles + RolesList = query.Roles } return RolesList, nil @@ -54,8 +55,8 @@ func (r *Roles) Create(role *Role) error { systemPermissions[i] = graphql.String(permission) } - orgPermissions := make([]graphql.String, len(role.OrgPermissions)) - for i, permission := range role.OrgPermissions { + orgPermissions := make([]graphql.String, len(role.OrganizationPermissions)) + for i, permission := range role.OrganizationPermissions { orgPermissions[i] = graphql.String(permission) } @@ -95,8 +96,8 @@ func (r *Roles) Update(rolename string, newRole *Role) error { systemPermissions[i] = graphql.String(permission) } - orgPermissions := make([]graphql.String, len(newRole.OrgPermissions)) - for i, permission := range newRole.OrgPermissions { + orgPermissions := make([]graphql.String, len(newRole.OrganizationPermissions)) + for i, permission := range newRole.OrganizationPermissions { orgPermissions[i] = graphql.String(permission) } @@ -134,8 +135,8 @@ func (r *Roles) RemoveRole(rolename string) error { } func (r *Roles) Get(rolename string) (*Role, error) { - roleId, err := r.GetRoleID(rolename) - if roleId == "" || err != nil { + roleID, err := r.GetRoleID(rolename) + if roleID == "" || err != nil { return nil, fmt.Errorf("unable to get role id") } @@ -144,10 +145,10 @@ func (r *Roles) Get(rolename string) (*Role, error) { } variables := map[string]interface{}{ - "roleId": graphql.String(roleId), + "roleId": graphql.String(roleID), } - err = r.client.Query(query, variables) + err = r.client.Query(&query, variables) if err != nil { return nil, err } diff --git a/api/views.go b/api/views.go index af79601..b842363 100644 --- a/api/views.go +++ b/api/views.go @@ -18,6 +18,7 @@ type ViewConnection struct { type ViewQueryData struct { Name string + ID string Description string ViewInfo struct { Connections []struct { @@ -29,6 +30,7 @@ type ViewQueryData struct { type View struct { Name string + ID string Description string Connections []ViewConnection } @@ -59,6 +61,7 @@ func (c *Views) Get(name string) (*View, error) { view := View{ Name: query.Result.Name, + ID: query.Result.ID, Description: query.Result.Description, Connections: connections, } @@ -171,3 +174,28 @@ func (c *Views) UpdateDescription(name string, description string) error { return c.client.Mutate(&mutation, variables) } + +func (c *Views) AssignRoleToGroup(viewName, groupID, roleID string) error { + viewData, err := c.Get(viewName) + + if err != nil { + return err + } + + viewID := viewData.ID + + var mutation struct { + AssignRoleToGroup struct { + // We have to make a selection, so just take __typename + Typename graphql.String `graphql:"__typename"` + } `graphql:"assignRoleToGroup(input:{viewId: $viewId, groupId: $groupId, roleId: $roleId})"` + } + + variables := map[string]interface{}{ + "viewId": graphql.String(viewID), + "groupId": graphql.String(groupID), + "roleId": graphql.String(roleID), + } + + return c.client.Mutate(&mutation, variables) +} diff --git a/cmd/humioctl/views.go b/cmd/humioctl/views.go index 6dd69dd..5e40f5c 100644 --- a/cmd/humioctl/views.go +++ b/cmd/humioctl/views.go @@ -31,6 +31,7 @@ func newViewsCmd() *cobra.Command { cmd.AddCommand(newViewsCreateCmd()) cmd.AddCommand(newViewsUpdateCmd()) cmd.AddCommand(newViewsDeleteCmd()) + cmd.AddCommand(newViewsAssignRoleGroupCmd()) return cmd } diff --git a/cmd/humioctl/views_assign_role_group.go b/cmd/humioctl/views_assign_role_group.go new file mode 100644 index 0000000..0d179a9 --- /dev/null +++ b/cmd/humioctl/views_assign_role_group.go @@ -0,0 +1,44 @@ +// Copyright © 2018 Humio Ltd. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "github.com/spf13/cobra" +) + +func newViewsAssignRoleGroupCmd() *cobra.Command { + cmd := cobra.Command{ + Use: "assign ", + Short: "Assign Role to a Group for a View", + Args: cobra.ExactArgs(3), + Run: func(cmd *cobra.Command, args []string) { + roleName := args[0] + groupName := args[1] + viewName := args[2] + client := NewApiClient(cmd) + + role, err := client.Roles().Get(roleName) + exitOnError(cmd, err, "Error fetching role") + + group, err := client.Groups().Get(groupName) + exitOnError(cmd, err, "Error fetching group") + + err = client.Views().AssignRoleToGroup(viewName, group.ID, role.ID) + exitOnError(cmd, err, "Error assigning permission") + }, + } + + return &cmd +} From 5a2dd330a1e381a7ac90325e8d701b523e306ded Mon Sep 17 00:00:00 2001 From: Nam Hai Nguyen Date: Fri, 26 May 2023 10:26:29 +0000 Subject: [PATCH 2/2] Go fmt --- api/groups.go | 2 +- api/roles.go | 16 ++++++++-------- api/views.go | 4 ++-- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/api/groups.go b/api/groups.go index b89ca84..85d0656 100644 --- a/api/groups.go +++ b/api/groups.go @@ -49,7 +49,7 @@ func (g *Groups) Get(name string) (*Group, error) { } group := Group{ - ID: query.Result.ID, + ID: query.Result.ID, DisplayName: query.Result.DisplayName, } diff --git a/api/roles.go b/api/roles.go index 41d6754..1db92d3 100644 --- a/api/roles.go +++ b/api/roles.go @@ -11,13 +11,13 @@ type Roles struct { } type Role struct { - ID string `graphql:"id"` - DisplayName string `graphql:"displayName"` - Color string `graphql:"color"` - Description string `graphql:"description` - ViewPermissions []string `graphql:"viewPermissions"` - SystemPermissions []string `graphql:"systemPermissions` - OrganizationPermissions []string `graphql:"organizationPermissions` + ID string `graphql:"id"` + DisplayName string `graphql:"displayName"` + Color string `graphql:"color"` + Description string `graphql:"description` + ViewPermissions []string `graphql:"viewPermissions"` + SystemPermissions []string `graphql:"systemPermissions` + OrganizationPermissions []string `graphql:"organizationPermissions` } func (c *Client) Roles() *Roles { return &Roles{client: c} } @@ -31,7 +31,7 @@ func (r *Roles) List() ([]Role, error) { if err != nil { return nil, err } - + var RolesList []Role if err == nil { RolesList = query.Roles diff --git a/api/views.go b/api/views.go index b842363..74a47e5 100644 --- a/api/views.go +++ b/api/views.go @@ -192,9 +192,9 @@ func (c *Views) AssignRoleToGroup(viewName, groupID, roleID string) error { } variables := map[string]interface{}{ - "viewId": graphql.String(viewID), + "viewId": graphql.String(viewID), "groupId": graphql.String(groupID), - "roleId": graphql.String(roleID), + "roleId": graphql.String(roleID), } return c.client.Mutate(&mutation, variables)