Beispiel #1
0
  @ScriptUsage(
      description = "join security group",
      arguments = {
        @ScriptArgument(
            name = "group name",
            type = "string",
            description = "name of security group"),
        @ScriptArgument(name = "login name", type = "string", description = "account login name")
      })
  public void joinSecurityGroup(String[] args) {
    SecurityGroup group = findSecurityGroupByName(args[0]);
    if (group == null) {
      context.println("security group not found");
      return;
    }

    for (int i = 1; i < args.length; i++) {
      String loginName = args[i];
      Account account = accountService.getAccount(loginName);
      if (account == null) {
        context.println("account [" + loginName + "] not found. skipping.");
        continue;
      }

      group.getAccounts().add(account.getLoginName());
    }

    accountService.updateSecurityGroup(null, group);
    context.println("updated");
  }
Beispiel #2
0
  @ScriptUsage(
      description = "revoke table access from group",
      arguments = {
        @ScriptArgument(name = "table name", type = "string", description = "table name"),
        @ScriptArgument(name = "type", type = "string", description = "user or group"),
        @ScriptArgument(
            name = "login name or group name",
            type = "string",
            description = "name of user or security group")
      })
  public void revokeTable(String[] args) {
    String tableName = args[0];
    String type = args[1];

    if (!tableRegistry.exists(tableName)) {
      context.println("table not found: " + tableName);
      return;
    }

    if (!type.equals("user") && !type.equals("group")) {
      context.println("invalid type, use 'user' or 'group'");
      return;
    }

    if (type.equals("user")) {
      for (int i = 2; i < args.length; i++) {
        String loginName = args[i];
        if (accountService.getAccount(loginName) == null) {
          context.println("account [" + loginName + "] not found, skipping");
          continue;
        }

        accountService.revokePrivilege(null, loginName, tableName, Permission.READ);
      }
    } else if (type.equals("group")) {
      Map<String, SecurityGroup> groupMap = getSecurityGroupMap();
      for (int i = 2; i < args.length; i++) {
        String groupName = args[i];
        SecurityGroup group = groupMap.get(groupName);
        if (group == null) {
          context.println("security group [" + groupName + "] not found, skipping");
          continue;
        }

        group.getReadableTables().remove(tableName);
        accountService.updateSecurityGroup(null, group);
      }
    }

    context.println("revoked");
  }
Beispiel #3
0
  @ScriptUsage(
      description = "leave security group",
      arguments = {
        @ScriptArgument(
            name = "group name",
            type = "string",
            description = "name of security group"),
        @ScriptArgument(name = "login name", type = "string", description = "account login name")
      })
  public void leaveSecurityGroup(String[] args) {
    SecurityGroup group = findSecurityGroupByName(args[0]);
    if (group == null) {
      context.println("security group not found");
      return;
    }

    for (int i = 1; i < args.length; i++) group.getAccounts().remove(args[i]);

    accountService.updateSecurityGroup(null, group);
    context.println("updated");
  }