From 822a55a04af8c45c23f8145055dc1cbc6e2c6ab8 Mon Sep 17 00:00:00 2001 From: Sergiu Ghitea Date: Thu, 12 Jan 2023 20:40:31 +0100 Subject: [PATCH] Add ability to assign roles to a user --- docs/auth0_users_roles.md | 1 + docs/auth0_users_roles_assign.md | 45 ++++++++++ docs/auth0_users_roles_show.md | 1 + internal/auth0/user.go | 3 + internal/cli/users_roles.go | 139 ++++++++++++++++++++++++++++++- 5 files changed, 186 insertions(+), 3 deletions(-) create mode 100644 docs/auth0_users_roles_assign.md diff --git a/docs/auth0_users_roles.md b/docs/auth0_users_roles.md index 3aaa3c0c3..f56c426f7 100644 --- a/docs/auth0_users_roles.md +++ b/docs/auth0_users_roles.md @@ -7,5 +7,6 @@ Manage a user's assigned roles. To learn more about roles and their behavior, re ## Commands +- [auth0 users roles assign](auth0_users_roles_assign.md) - Assign roles to a user - [auth0 users roles show](auth0_users_roles_show.md) - Show a user's roles diff --git a/docs/auth0_users_roles_assign.md b/docs/auth0_users_roles_assign.md new file mode 100644 index 000000000..cf4942b89 --- /dev/null +++ b/docs/auth0_users_roles_assign.md @@ -0,0 +1,45 @@ +--- +layout: default +--- +# auth0 users roles assign + +Assign existing roles to a user. + +## Usage +``` +auth0 users roles assign [flags] +``` + +## Examples + +``` + auth0 users roles assign + auth0 users roles associate --roles + auth0 users roles add -r "rol_1eKJp3jV04SiU04h,rol_2eKJp3jV04SiU04h" +``` + + +## Flags + +``` + --json Output in json format. + -r, --roles strings Roles to assign to a user. +``` + + +## InheritedFlags + +``` + --debug Enable debug mode. + --no-color Disable colors. + --no-input Disable interactivity. + --tenant string Specific tenant to use. +``` + + +## Related Commands + +- [auth0 users roles assign](auth0_users_roles_assign.md) - Assign roles to a user +- [auth0 users roles show](auth0_users_roles_show.md) - Show a user's roles + + diff --git a/docs/auth0_users_roles_show.md b/docs/auth0_users_roles_show.md index b5617f357..2b71f9ae8 100644 --- a/docs/auth0_users_roles_show.md +++ b/docs/auth0_users_roles_show.md @@ -38,6 +38,7 @@ auth0 users roles show [flags] ## Related Commands +- [auth0 users roles assign](auth0_users_roles_assign.md) - Assign roles to a user - [auth0 users roles show](auth0_users_roles_show.md) - Show a user's roles diff --git a/internal/auth0/user.go b/internal/auth0/user.go index 3ffd29b9d..f48bc83ac 100644 --- a/internal/auth0/user.go +++ b/internal/auth0/user.go @@ -30,4 +30,7 @@ type UserAPI interface { // Roles lists all roles associated with a user. Roles(id string, opts ...management.RequestOption) (r *management.RoleList, err error) + + // AssignRoles assigns roles to a user. + AssignRoles(id string, roles []*management.Role, opts ...management.RequestOption) error } diff --git a/internal/cli/users_roles.go b/internal/cli/users_roles.go index 6d7d1bcb0..6a0031963 100644 --- a/internal/cli/users_roles.go +++ b/internal/cli/users_roles.go @@ -2,13 +2,31 @@ package cli import ( "fmt" + "strings" + "github.com/AlecAivazis/survey/v2" "github.com/auth0/go-auth0/management" "github.com/spf13/cobra" "github.com/auth0/auth0-cli/internal/ansi" + "github.com/auth0/auth0-cli/internal/auth0" ) +var ( + userRoles = Flag{ + Name: "Roles", + LongForm: "roles", + ShortForm: "r", + Help: "Roles to assign to a user.", + IsRequired: true, + } +) + +type userRolesInput struct { + ID string + Roles []string +} + func userRolesCmd(cli *cli) *cobra.Command { cmd := &cobra.Command{ Use: "roles", @@ -19,14 +37,13 @@ func userRolesCmd(cli *cli) *cobra.Command { cmd.SetUsageTemplate(resourceUsageTemplate()) cmd.AddCommand(showUserRolesCmd(cli)) + cmd.AddCommand(addUserRolesCmd(cli)) return cmd } func showUserRolesCmd(cli *cli) *cobra.Command { - var inputs struct { - ID string - } + var inputs userRolesInput cmd := &cobra.Command{ Use: "show", @@ -63,3 +80,119 @@ func showUserRolesCmd(cli *cli) *cobra.Command { return cmd } + +func addUserRolesCmd(cli *cli) *cobra.Command { + var inputs userRolesInput + + cmd := &cobra.Command{ + Use: "assign", + Aliases: []string{"add", "associate"}, + Args: cobra.MaximumNArgs(1), + Short: "Assign roles to a user", + Long: "Assign existing roles to a user.", + Example: ` auth0 users roles assign + auth0 users roles associate --roles + auth0 users roles add -r "rol_1eKJp3jV04SiU04h,rol_2eKJp3jV04SiU04h"`, + RunE: func(cmd *cobra.Command, args []string) error { + if len(args) == 0 { + if err := userID.Ask(cmd, &inputs.ID); err != nil { + return err + } + } else { + inputs.ID = args[0] + } + + if len(inputs.Roles) == 0 { + if err := cli.pickUserRoles(&inputs); err != nil { + return err + } + } + + var rolesToAssign []*management.Role + for _, roleID := range inputs.Roles { + rolesToAssign = append(rolesToAssign, &management.Role{ + ID: auth0.String(roleID), + }) + } + + if err := ansi.Waiting(func() (err error) { + return cli.api.User.AssignRoles(inputs.ID, rolesToAssign) + }); err != nil { + return fmt.Errorf("failed to assign roles for user with ID %s: %w", inputs.ID, err) + } + + var userRoleList *management.RoleList + if err := ansi.Waiting(func() (err error) { + userRoleList, err = cli.api.User.Roles(inputs.ID) + return err + }); err != nil { + return fmt.Errorf("failed to find roles for user with ID %s: %w", inputs.ID, err) + } + + cli.renderer.UserRoleList(userRoleList.Roles) + + return nil + }, + } + + userRoles.RegisterStringSlice(cmd, &inputs.Roles, nil) + cmd.Flags().BoolVar(&cli.json, "json", false, "Output in json format.") + + return cmd +} + +func (cli *cli) pickUserRoles(inputs *userRolesInput) error { + var currentUserRoleList *management.RoleList + if err := ansi.Waiting(func() (err error) { + currentUserRoleList, err = cli.api.User.Roles(inputs.ID) + return err + }); err != nil { + return fmt.Errorf("failed to find the current roles for user with ID %s: %w", inputs.ID, err) + } + + var roleList *management.RoleList + if err := ansi.Waiting(func() (err error) { + roleList, err = cli.api.Role.List() + return err + }); err != nil { + return fmt.Errorf("failed to list all roles: %w", err) + } + + if len(roleList.Roles) == len(currentUserRoleList.Roles) { + return fmt.Errorf("the user with ID %q already has all possible roles assigned", inputs.ID) + } + + const emptySpace = " " + var options []string + for _, role := range roleList.Roles { + if !containsRole(currentUserRoleList.Roles, role.GetID()) { + options = append(options, fmt.Sprintf("%s%s(Name: %s)", role.GetID(), emptySpace, role.GetName())) + } + } + + rolesPrompt := &survey.MultiSelect{ + Message: "Roles", + Options: options, + } + + var selectedRoles []string + if err := survey.AskOne(rolesPrompt, &selectedRoles); err != nil { + return err + } + + for _, selectedRole := range selectedRoles { + indexOfFirstEmptySpace := strings.Index(selectedRole, emptySpace) + inputs.Roles = append(inputs.Roles, selectedRole[:indexOfFirstEmptySpace]) + } + + return nil +} + +func containsRole(roles []*management.Role, roleID string) bool { + for _, role := range roles { + if role.GetID() == roleID { + return true + } + } + return false +}