@ScriptUsage( description = "join security group", arguments = { @ScriptArgument( name = "group name", type = "string", description = "name of security group"), @ScriptArgument(name = "login name", type = "string", description = "account login name") }) public void joinSecurityGroup(String[] args) { SecurityGroup group = findSecurityGroupByName(args[0]); if (group == null) { context.println("security group not found"); return; } for (int i = 1; i < args.length; i++) { String loginName = args[i]; Account account = accountService.getAccount(loginName); if (account == null) { context.println("account [" + loginName + "] not found. skipping."); continue; } group.getAccounts().add(account.getLoginName()); } accountService.updateSecurityGroup(null, group); context.println("updated"); }
@ScriptUsage( description = "revoke table access from group", arguments = { @ScriptArgument(name = "table name", type = "string", description = "table name"), @ScriptArgument(name = "type", type = "string", description = "user or group"), @ScriptArgument( name = "login name or group name", type = "string", description = "name of user or security group") }) public void revokeTable(String[] args) { String tableName = args[0]; String type = args[1]; if (!tableRegistry.exists(tableName)) { context.println("table not found: " + tableName); return; } if (!type.equals("user") && !type.equals("group")) { context.println("invalid type, use 'user' or 'group'"); return; } if (type.equals("user")) { for (int i = 2; i < args.length; i++) { String loginName = args[i]; if (accountService.getAccount(loginName) == null) { context.println("account [" + loginName + "] not found, skipping"); continue; } accountService.revokePrivilege(null, loginName, tableName, Permission.READ); } } else if (type.equals("group")) { Map<String, SecurityGroup> groupMap = getSecurityGroupMap(); for (int i = 2; i < args.length; i++) { String groupName = args[i]; SecurityGroup group = groupMap.get(groupName); if (group == null) { context.println("security group [" + groupName + "] not found, skipping"); continue; } group.getReadableTables().remove(tableName); accountService.updateSecurityGroup(null, group); } } context.println("revoked"); }
@ScriptUsage( description = "leave security group", arguments = { @ScriptArgument( name = "group name", type = "string", description = "name of security group"), @ScriptArgument(name = "login name", type = "string", description = "account login name") }) public void leaveSecurityGroup(String[] args) { SecurityGroup group = findSecurityGroupByName(args[0]); if (group == null) { context.println("security group not found"); return; } for (int i = 1; i < args.length; i++) group.getAccounts().remove(args[i]); accountService.updateSecurityGroup(null, group); context.println("updated"); }