@ScriptUsage(
description = "join security group",
arguments = {
@ScriptArgument(
name = "group name",
type = "string",
description = "name of security group"),
@ScriptArgument(name = "login name", type = "string", description = "account login name")
})
public void joinSecurityGroup(String[] args) {
SecurityGroup group = findSecurityGroupByName(args[0]);
if (group == null) {
context.println("security group not found");
return;
}
for (int i = 1; i < args.length; i++) {
String loginName = args[i];
Account account = accountService.getAccount(loginName);
if (account == null) {
context.println("account [" + loginName + "] not found. skipping.");
continue;
}
group.getAccounts().add(account.getLoginName());
}
accountService.updateSecurityGroup(null, group);
context.println("updated");
}
@ScriptUsage(
description = "revoke table access from group",
arguments = {
@ScriptArgument(name = "table name", type = "string", description = "table name"),
@ScriptArgument(name = "type", type = "string", description = "user or group"),
@ScriptArgument(
name = "login name or group name",
type = "string",
description = "name of user or security group")
})
public void revokeTable(String[] args) {
String tableName = args[0];
String type = args[1];
if (!tableRegistry.exists(tableName)) {
context.println("table not found: " + tableName);
return;
}
if (!type.equals("user") && !type.equals("group")) {
context.println("invalid type, use 'user' or 'group'");
return;
}
if (type.equals("user")) {
for (int i = 2; i < args.length; i++) {
String loginName = args[i];
if (accountService.getAccount(loginName) == null) {
context.println("account [" + loginName + "] not found, skipping");
continue;
}
accountService.revokePrivilege(null, loginName, tableName, Permission.READ);
}
} else if (type.equals("group")) {
Map<String, SecurityGroup> groupMap = getSecurityGroupMap();
for (int i = 2; i < args.length; i++) {
String groupName = args[i];
SecurityGroup group = groupMap.get(groupName);
if (group == null) {
context.println("security group [" + groupName + "] not found, skipping");
continue;
}
group.getReadableTables().remove(tableName);
accountService.updateSecurityGroup(null, group);
}
}
context.println("revoked");
}
@ScriptUsage(
description = "leave security group",
arguments = {
@ScriptArgument(
name = "group name",
type = "string",
description = "name of security group"),
@ScriptArgument(name = "login name", type = "string", description = "account login name")
})
public void leaveSecurityGroup(String[] args) {
SecurityGroup group = findSecurityGroupByName(args[0]);
if (group == null) {
context.println("security group not found");
return;
}
for (int i = 1; i < args.length; i++) group.getAccounts().remove(args[i]);
accountService.updateSecurityGroup(null, group);
context.println("updated");
}
