Skip to content

Commit

Permalink
Merge pull request #262 from fisuda/feature/permission_flags
Browse files Browse the repository at this point in the history 
Add flags for Keyrock permission
  • Loading branch information
@fisuda
fisuda authored Aug 19, 2023
2 parents b6c7be6 + 7ccd191 commit f3574b3
Show file tree
Hide file tree
Showing 9 changed files with 359 additions and 65 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
## NGSI Go v0.12.0-next

- Improve: Add flags for Keyrock permission (#262)
- Update: Update build and test environment (#261)
- Update: Update golang to 1.20.6 (#260)
- Update: Update Node.js dependencies (#253)
Expand Down
119 changes: 89 additions & 30 deletions docs/keyrock/applications-permissions.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,11 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b list --
"description": null,
"action": null,
"resource": null,
"authorization_service_header": null,
"use_authorization_service_header": 0,
"regex_entity_ids": null,
"regex_attributes": null,
"regex_types": null,
"xml": null
},
{
Expand All @@ -62,6 +67,11 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b list --
"description": null,
"action": null,
"resource": null,
"authorization_service_header": null,
"use_authorization_service_header": 0,
"regex_entity_ids": null,
"regex_attributes": null,
"regex_types": null,
"xml": null
},
{
Expand All @@ -70,6 +80,11 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b list --
"description": null,
"action": null,
"resource": null,
"authorization_service_header": null,
"use_authorization_service_header": 0,
"regex_entity_ids": null,
"regex_attributes": null,
"regex_types": null,
"xml": null
},
{
Expand All @@ -78,6 +93,11 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b list --
"description": null,
"action": null,
"resource": null,
"authorization_service_header": null,
"use_authorization_service_header": 0,
"regex_entity_ids": null,
"regex_attributes": null,
"regex_types": null,
"xml": null
},
{
Expand All @@ -86,6 +106,11 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b list --
"description": null,
"action": null,
"resource": null,
"authorization_service_header": null,
"use_authorization_service_header": 0,
"regex_entity_ids": null,
"regex_attributes": null,
"regex_types": null,
"xml": null
},
{
Expand All @@ -94,6 +119,11 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b list --
"description": null,
"action": null,
"resource": null,
"authorization_service_header": null,
"use_authorization_service_header": 0,
"regex_entity_ids": null,
"regex_attributes": null,
"regex_types": null,
"xml": null
}
]
Expand All @@ -107,7 +137,7 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b list --
This command gets a permission.

```console
ngsi application [command options] permissions --aid {id} get [options]
ngsi applications [command options] permissions --aid {id} get [options]
```

### Options
Expand Down Expand Up @@ -137,6 +167,11 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b get --p
"is_internal": true,
"action": null,
"resource": null,
"authorization_service_header": null,
"use_authorization_service_header": 0,
"regex_entity_ids": null,
"regex_attributes": null,
"regex_types": null,
"is_regex": 0,
"xml": null,
"oauth_client_id": "idm_admin_app"
Expand All @@ -151,23 +186,25 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b get --p
This command creates a permission.

```console
ngsi application [command options] permissions --aid {id} create [options]
ngsi applications [command options] permissions --aid {id} create [options]
```

### Options

| Options | Description |
| ----------------------------- | -------------------------------------- |
| --host VALUE, -h VALUE | broker or server host VALUE (required) |
| --aid VALUE, -i VALUE | application id (required) |
| --data VALUE, -d VALUE | permissionrole data |
| --name VALUE, -n VALUE | permission name |
| --description VALUE, -D VALUE | description |
| --action VALUE, -a VALUE | action |
| --resource VALUE, -r VALUE | resoruce |
| --verbose, -v | verbose (default: false) |
| --pretty, -P | pretty format (default: false) |
| --help | show help (default: true) |
| Options | Description |
| ------------------------------- | ---------------------------------------- |
| --host VALUE, -h VALUE | broker or server host VALUE (required) |
| --aid VALUE, -i VALUE | application id (required) |
| --data VALUE, -d VALUE | permissionrole data |
| --name VALUE, -n VALUE | permission name |
| --description VALUE, -D VALUE | description |
| --action VALUE, -a VALUE | action |
| --resource VALUE, -r VALUE | resoruce |
| --regex, -R | use resource with regex (default: false) |
| --serviceHeader VALUE, -S VALUE | set authorization service header |
| --verbose, -v | verbose (default: false) |
| --pretty, -P | pretty format (default: false) |
| --help | show help (default: true) |

### Examples

Expand All @@ -178,7 +215,9 @@ ngsi applications permissions --aid $aid \
create --name "permission1" \
--description "test" \
--action "GET" \
--resource "login"
--resource "login" \
--regex \
--serviceHeader "tenant1"
```

```console
Expand All @@ -192,24 +231,26 @@ ab781799-d2bb-4022-b4b9-5101cbc98e12
This command updates a permission.

```console
ngsi application [command options] permissions --aid {id} update [options]
ngsi applications [command options] permissions --aid {id} update [options]
```

### Options

| Options | Description |
| ----------------------------- | -------------------------------------- |
| --host VALUE, -h VALUE | broker or server host VALUE (required) |
| --aid VALUE, -i VALUE | application id (required) |
| --pid VALUE, -p VALUE | permission id (required) |
| --data VALUE, -d VALUE | permissionrole data |
| --name VALUE, -n VALUE | permission name |
| --description VALUE, -D VALUE | description |
| --action VALUE, -a VALUE | action |
| --resource VALUE, -r VALUE | resoruce |
| --verbose, -v | verbose (default: false) |
| --pretty, -P | pretty format (default: false) |
| --help | show help (default: true) |
| Options | Description |
| ------------------------------- | ---------------------------------------- |
| --host VALUE, -h VALUE | broker or server host VALUE (required) |
| --aid VALUE, -i VALUE | application id (required) |
| --pid VALUE, -p VALUE | permission id (required) |
| --data VALUE, -d VALUE | permissionrole data |
| --name VALUE, -n VALUE | permission name |
| --description VALUE, -D VALUE | description |
| --action VALUE, -a VALUE | action |
| --resource VALUE, -r VALUE | resoruce |
| --regex, -R | use resource with regex (default: false) |
| --serviceHeader VALUE, -S VALUE | set authorization service header |
| --verbose, -v | verbose (default: false) |
| --pretty, -P | pretty format (default: false) |
| --help | show help (default: true) |

### Examples

Expand All @@ -224,14 +265,32 @@ ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b \
{"values_updated":{"name":"perm1"}}
```

```console
ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b \
update --pid ab781799-d2bb-4022-b4b9-5101cbc98e12 --regex false
```

```console
{"values_updated":{"is_regex":false}}
```

```console
ngsi applications permissions --aid 8b58ecff-fb45-4811-945c-6f42339db06b \
update --pid ab781799-d2bb-4022-b4b9-5101cbc98e12 --serviceHeader ""
```

```console
{"values_updated":{"use_authorization_service_header":false}}
```

<a name="delete-a-permission"></a>

## Delete a permission

This command deletes a permission.

```console
ngsi application [command options] permissions --aid {id} delete [options]
ngsi applications [command options] permissions --aid {id} delete [options]
```

### Options
Expand Down
6 changes: 2 additions & 4 deletions docs/keyrock/users.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,6 @@ ngsi users list --pretty
{
"users": [
{
"scope": [],
"id": "31ea0ac1-595f-479e-9854-f911a26a3d51",
"username": "alice",
"email": "[email protected]",
Expand All @@ -57,7 +56,6 @@ ngsi users list --pretty
"website": null
},
{
"scope": [],
"id": "admin",
"username": "admin",
"email": "[email protected]",
Expand Down Expand Up @@ -101,7 +99,6 @@ ngsi users get --uid 31ea0ac1-595f-479e-9854-f911a26a3d51 --pretty
```console
{
"user": {
"scope": [],
"id": "31ea0ac1-595f-479e-9854-f911a26a3d51",
"username": "alice",
"email": "[email protected]",
Expand All @@ -111,7 +108,8 @@ ngsi users get --uid 31ea0ac1-595f-479e-9854-f911a26a3d51 --pretty
"gravatar": false,
"date_password": "2021-02-20T20:42:23.000Z",
"description": null,
"website": null
"website": null,
"extra": null
}
}
```
Expand Down
46 changes: 25 additions & 21 deletions e2e/cases/1000_common/0003_help.test
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2855,16 +2855,18 @@ CATEGORY:
Keyrock

OPTIONS:
--host VALUE, -h VALUE broker or server host VALUE (required)
--aid VALUE, -i VALUE application id (required)
--data VALUE, -d VALUE permissionrole data
--name VALUE, -n VALUE permission name
--description VALUE, -D VALUE description
--action VALUE, -a VALUE action
--resource VALUE, -r VALUE resoruce
--verbose, -v verbose (default: false)
--pretty, -P pretty format (default: false)
--help show help (default: true)
--host VALUE, -h VALUE broker or server host VALUE (required)
--aid VALUE, -i VALUE application id (required)
--data VALUE, -d VALUE permissionrole data
--name VALUE, -n VALUE permission name
--description VALUE, -D VALUE description
--action VALUE, -a VALUE action
--resource VALUE, -r VALUE resoruce
--regex, -R use resource with regex (default: false)
--serviceHeader VALUE, -S VALUE set authorization service header
--verbose, -v verbose (default: false)
--pretty, -P pretty format (default: false)
--help show help (default: true)

GLOBAL OPTIONS:
--syslog LEVEL syslog logging LEVEL (off, err, info, debug)
Expand Down Expand Up @@ -2895,17 +2897,19 @@ CATEGORY:
Keyrock

OPTIONS:
--host VALUE, -h VALUE broker or server host VALUE (required)
--aid VALUE, -i VALUE application id (required)
--pid VALUE, -p VALUE permission id (required)
--data VALUE, -d VALUE permissionrole data
--name VALUE, -n VALUE permission name
--description VALUE, -D VALUE description
--action VALUE, -a VALUE action
--resource VALUE, -r VALUE resoruce
--verbose, -v verbose (default: false)
--pretty, -P pretty format (default: false)
--help show help (default: true)
--host VALUE, -h VALUE broker or server host VALUE (required)
--aid VALUE, -i VALUE application id (required)
--pid VALUE, -p VALUE permission id (required)
--data VALUE, -d VALUE permissionrole data
--name VALUE, -n VALUE permission name
--description VALUE, -D VALUE description
--action VALUE, -a VALUE action
--resource VALUE, -r VALUE resoruce
--regex, -R use resource with regex (default: false)
--serviceHeader VALUE, -S VALUE set authorization service header
--verbose, -v verbose (default: false)
--pretty, -P pretty format (default: false)
--help show help (default: true)

GLOBAL OPTIONS:
--syslog LEVEL syslog logging LEVEL (off, err, info, debug)
Expand Down
Loading

0 comments on commit f3574b3

Please sign in to comment.