@ScriptUsage(
description = "join security group",
arguments = {
@ScriptArgument(
name = "group name",
type = "string",
description = "name of security group"),
@ScriptArgument(name = "login name", type = "string", description = "account login name")
})
public void joinSecurityGroup(String[] args) {
SecurityGroup group = findSecurityGroupByName(args[0]);
if (group == null) {
context.println("security group not found");
return;
}
for (int i = 1; i < args.length; i++) {
String loginName = args[i];
Account account = accountService.getAccount(loginName);
if (account == null) {
context.println("account [" + loginName + "] not found. skipping.");
continue;
}
group.getAccounts().add(account.getLoginName());
}
accountService.updateSecurityGroup(null, group);
context.println("updated");
}
public void authServices(String[] args) {
context.println("External Auth Services");
context.println("------------------------");
ExternalAuthService using = accountService.getUsingAuthService();
for (ExternalAuthService s : accountService.getAuthServices()) {
context.print(using == s ? "[*] " : "[ ] ");
context.println(s.getName() + " - " + s);
}
}
public void accounts(String[] args) {
context.println("Accounts");
context.println("----------");
for (String loginName : accountService.getAccountNames()) {
Account account = accountService.getAccount(loginName);
String admin = "";
if (account.isAdmin()) admin = " (admin)";
context.println(loginName + admin);
}
}
@ScriptUsage(
description = "revoke table access from group",
arguments = {
@ScriptArgument(name = "table name", type = "string", description = "table name"),
@ScriptArgument(name = "type", type = "string", description = "user or group"),
@ScriptArgument(
name = "login name or group name",
type = "string",
description = "name of user or security group")
})
public void revokeTable(String[] args) {
String tableName = args[0];
String type = args[1];
if (!tableRegistry.exists(tableName)) {
context.println("table not found: " + tableName);
return;
}
if (!type.equals("user") && !type.equals("group")) {
context.println("invalid type, use 'user' or 'group'");
return;
}
if (type.equals("user")) {
for (int i = 2; i < args.length; i++) {
String loginName = args[i];
if (accountService.getAccount(loginName) == null) {
context.println("account [" + loginName + "] not found, skipping");
continue;
}
accountService.revokePrivilege(null, loginName, tableName, Permission.READ);
}
} else if (type.equals("group")) {
Map<String, SecurityGroup> groupMap = getSecurityGroupMap();
for (int i = 2; i < args.length; i++) {
String groupName = args[i];
SecurityGroup group = groupMap.get(groupName);
if (group == null) {
context.println("security group [" + groupName + "] not found, skipping");
continue;
}
group.getReadableTables().remove(tableName);
accountService.updateSecurityGroup(null, group);
}
}
context.println("revoked");
}
// name to security group map
private Map<String, SecurityGroup> getSecurityGroupMap() {
Map<String, SecurityGroup> m = new HashMap<String, SecurityGroup>();
for (SecurityGroup group : accountService.getSecurityGroups()) {
m.put(group.getName(), group);
}
return m;
}
public void sessions(String[] args) {
context.println("Current Sessions");
context.println("------------------");
for (Session session : accountService.getSessions()) {
context.println(session);
}
}
public void securityGroups(String[] args) {
context.println("Security Groups");
context.println("-----------------");
for (SecurityGroup group : accountService.getSecurityGroups()) {
context.println(group);
}
}
private SecurityGroup findSecurityGroupByName(String name) {
SecurityGroup found = null;
for (SecurityGroup group : accountService.getSecurityGroups()) {
if (group.getName().equals(name)) {
found = group;
break;
}
}
return found;
}
@ScriptUsage(
description = "remove security group",
arguments = {
@ScriptArgument(
name = "group name",
type = "string",
description = "name of security group")
})
public void removeSecurityGroup(String[] args) {
SecurityGroup found = findSecurityGroupByName(args[0]);
if (found == null) {
context.println("security group not found");
return;
}
accountService.removeSecurityGroup(null, found.getGuid());
context.println("removed");
}
@ScriptUsage(
description = "leave security group",
arguments = {
@ScriptArgument(
name = "group name",
type = "string",
description = "name of security group"),
@ScriptArgument(name = "login name", type = "string", description = "account login name")
})
public void leaveSecurityGroup(String[] args) {
SecurityGroup group = findSecurityGroupByName(args[0]);
if (group == null) {
context.println("security group not found");
return;
}
for (int i = 1; i < args.length; i++) group.getAccounts().remove(args[i]);
accountService.updateSecurityGroup(null, group);
context.println("updated");
}
@ScriptUsage(
description = "create security group",
arguments = {
@ScriptArgument(
name = "group name",
type = "string",
description = "name of security group"),
@ScriptArgument(
name = "description",
type = "string",
description = "description",
optional = true)
})
public void createSecurityGroup(String[] args) {
SecurityGroup group = new SecurityGroup();
group.setName(args[0]);
if (args.length > 1) group.setDescription(args[1]);
accountService.createSecurityGroup(null, group);
context.println("created");
}
public void useAuthService(String[] args) {
accountService.useAuthService(args.length > 0 ? args[0] : null);
context.println(args.length > 0 ? "set" : "unset");
}
public void setInstanceGuid(String[] args) {
accountService.setInstanceGuid(args[0]);
}
public void instanceGuid(String[] args) {
context.println(accountService.getInstanceGuid());
}