feat: Permission Set management (#203)

* chore: refactor permissions to permission

* feat: ls permission sets

* feat: cat, import, rm permission sets

* fix: forgot to update unit test.

* fix: display sub-subcommands in help properly

lib/gzr/cli.rb

@@ -45,7 +45,6 @@ def self.exit_on_failure?
     class_option :force, type: :boolean, default: false, desc: 'Overwrite objects on server'
     class_option :su, type: :string, desc: 'After connecting, change to user_id given'
     class_option :width, type: :numeric, default: nil, desc: 'Width of rendering for tables'
-    class_option :persistent, type: :boolean, default: false, desc: 'Use persistent connection to communicate with host'
     class_option :token, type: :string, default: nil, desc: "Access token to use for authentication"
     class_option :token_file, type: :boolean, default: false, desc: "Use access token stored in file for authentication"
 
@@ -59,15 +58,17 @@ def version
     end
     map %w(--version -v) => :version
     map space: :folder  # Alias space command to folder
+#    map permissions: :permission  # Alias permissions command to permission
+
 
     require_relative 'commands/alert'
     register Gzr::Commands::Alert, 'alert', 'alert [SUBCOMMAND]', 'Command description...'
 
     require_relative 'commands/attribute'
     register Gzr::Commands::Attribute, 'attribute', 'attribute [SUBCOMMAND]', 'Command description...'
 
-    require_relative 'commands/permissions'
-    register Gzr::Commands::Permissions, 'permissions', 'permissions [SUBCOMMAND]', 'Command to retrieve available permissions'
+    require_relative 'commands/permission'
+    register Gzr::Commands::Permission, 'permission', 'permission [SUBCOMMAND]', 'Command to retrieve available permission'
 
     require_relative 'commands/query'
     register Gzr::Commands::Query, 'query', 'query [SUBCOMMAND]', 'Commands to retrieve and run queries'

lib/gzr/commands/permissions.rb → lib/gzr/commands/permission.rb

@@ -21,13 +21,16 @@
 
 # frozen_string_literal: true
 
-require 'thor'
+require_relative 'subcommandbase'
 
 module Gzr
   module Commands
-    class Permissions < Thor
+    class Permission < SubCommandBase
 
-      namespace :permissions
+      require_relative 'permission/set'
+      register Gzr::Commands::Permission::Set, 'set', 'set [SUBCOMMAND]', 'Commands pertaining to permission sets'
+
+      namespace :permission
 
       desc 'ls', 'List all available permissions'
       method_option :help, aliases: '-h', type: :boolean,
@@ -40,8 +43,8 @@ def ls(*)
         if options[:help]
           invoke :help, ['ls']
         else
-          require_relative 'permissions/ls'
-          Gzr::Commands::Permissions::Ls.new(options).execute
+          require_relative 'permission/ls'
+          Gzr::Commands::Permission::Ls.new(options).execute
         end
       end
 
@@ -52,8 +55,8 @@ def tree(*)
         if options[:help]
           invoke :help, ['tree']
         else
-          require_relative 'permissions/tree'
-          Gzr::Commands::Permissions::Tree.new(options).execute
+          require_relative 'permission/tree'
+          Gzr::Commands::Permission::Tree.new(options).execute
         end
       end
 

lib/gzr/commands/permissions/ls.rb → lib/gzr/commands/permission/ls.rb

@@ -22,16 +22,16 @@
 # frozen_string_literal: true
 
 require_relative '../../command'
-require_relative '../../modules/permissions'
+require_relative '../../modules/permission'
 require 'tty-table'
 
 require_relative '../../command'
 
 module Gzr
   module Commands
-    class Permissions
+    class Permission
       class Ls < Gzr::Command
-        include Gzr::Permissions
+        include Gzr::Permission
         def initialize(options)
           super()
           @options = options

lib/gzr/commands/permission/set.rb

@@ -0,0 +1,98 @@
+# The MIT License (MIT)
+
+# Copyright (c) 2023 Mike DeAngelo Google, Inc.
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+# frozen_string_literal: true
+
+require_relative '../subcommandbase'
+
+module Gzr
+  module Commands
+    class Permission
+      class Set < SubCommandBase
+
+        namespace :'permission set'
+
+        desc 'ls', 'List the permission sets in this server.'
+        method_option :help, aliases: '-h', type: :boolean,
+                             desc: 'Display usage information'
+        method_option :fields, type: :string, default: 'id,name,permissions,built_in,all_access',
+                             desc: 'Fields to display'
+        method_option :plain, type: :boolean, default: false,
+                             desc: 'print without any extra formatting'
+        method_option :csv, type: :boolean, default: false,
+                             desc: 'output in csv format per RFC4180'
+        def ls(*)
+          if options[:help]
+            invoke :help, ['ls']
+          else
+            require_relative 'set/ls'
+            Gzr::Commands::Permission::Set::Ls.new(options).execute
+          end
+        end
+
+        desc 'cat PERMISSION_SET_ID', 'Output json information about a permission set to screen or file'
+        method_option :help, aliases: '-h', type: :boolean,
+                             desc: 'Display usage information'
+        method_option :dir,  type: :string,
+                             desc: 'Directory to store output file'
+        method_option :trim, type: :boolean,
+                             desc: 'Trim output to minimal set of fields for later import'
+        def cat(permission_set_id)
+          if options[:help]
+            invoke :help, ['cat']
+          else
+            require_relative 'set/cat'
+            Gzr::Commands::Permission::Set::Cat.new(permission_set_id,options).execute
+          end
+        end
+
+        desc 'import FILE', 'Import a permission set from a file'
+        method_option :help, aliases: '-h', type: :boolean,
+                             desc: 'Display usage information'
+        method_option :force, type: :boolean,
+                             desc: 'Overwrite an existing permission set'
+        method_option :plain, type: :boolean, default: false,
+                             desc: 'print without any extra formatting'
+        def import(file)
+          if options[:help]
+            invoke :help, ['import']
+          else
+            require_relative 'set/import'
+            Gzr::Commands::Permission::Set::Import.new(file, options).execute
+          end
+        end
+
+        desc 'rm PERMISSION_SET_ID', 'Delete the permission_set given by PERMISSION_SET_ID'
+        method_option :help, aliases: '-h', type: :boolean,
+                             desc: 'Display usage information'
+        def rm(permission_set_id)
+          if options[:help]
+            invoke :help, ['delete']
+          else
+            require_relative 'set/rm'
+            Gzr::Commands::Permission::Set::Delete.new(permission_set_id,options).execute
+          end
+        end
+
+      end
+    end
+  end
+end

lib/gzr/commands/permission/set/cat.rb

@@ -0,0 +1,60 @@
+# The MIT License (MIT)
+
+# Copyright (c) 2023 Mike DeAngelo Google, Inc.
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+# frozen_string_literal: true
+
+require_relative '../../../command'
+require_relative '../../../modules/permission/set'
+require_relative '../../../modules/filehelper'
+
+module Gzr
+  module Commands
+    class Permission
+      class Set
+        class Cat < Gzr::Command
+          include Gzr::Permission::Set
+          include Gzr::FileHelper
+          def initialize(permission_set_id,options)
+            super()
+            @permission_set_id = permission_set_id
+            @options = options
+          end
+
+          def execute(input: $stdin, output: $stdout)
+            say_warning(@options) if @options[:debug]
+            with_session do
+              data = cat_permission_set(@permission_set_id)
+              if data.nil?
+                say_warning "Permission Set #{permission_set_id} not found"
+                return
+              end
+              data = trim_permission_set(data) if @options[:trim]
+
+              write_file(@options[:dir] ? "Permission_Set_#{data[:name]}.json" : nil, @options[:dir],nil, output) do |f|
+                f.puts JSON.pretty_generate(data)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

lib/gzr/commands/permission/set/import.rb

@@ -0,0 +1,73 @@
+# The MIT License (MIT)
+
+# Copyright (c) 2023 Mike DeAngelo Google, Inc.
+
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+# the Software, and to permit persons to whom the Software is furnished to do so,
+# subject to the following conditions:
+
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+# frozen_string_literal: true
+
+require_relative '../../../../gzr'
+require_relative '../../../command'
+require_relative '../../../modules/permission/set'
+require_relative '../../../modules/filehelper'
+
+module Gzr
+  module Commands
+    class Permission
+      class Set
+        class Import < Gzr::Command
+          include Gzr::Permission::Set
+          include Gzr::FileHelper
+          def initialize(file, options)
+            super()
+            @file = file
+            @options = options
+          end
+
+          def execute(input: $stdin, output: $stdout)
+            say_warning("options: #{@options.inspect}", output: output) if @options[:debug]
+            with_session do
+              permission_set = nil
+
+              read_file(@file) do |data|
+                search_results = search_permission_sets(name: data[:name])
+                if search_results && search_results.length == 1
+                  name = data[:name]
+                  if !@options[:force]
+                    raise Gzr::CLI::Error, "Permission Set #{name} already exists\nUse --force if you want to overwrite it"
+                  end
+                  data.select! do |k,v|
+                    keys_to_keep('update_permission_set').include? k
+                  end
+                  permission_set = update_permission_set(search_results.first[:id], data)
+                else
+                  data.select! do |k,v|
+                    keys_to_keep('create_permission_set').include? k
+                  end
+                  permission_set = create_permission_set(data)
+                end
+                output.puts "Imported permission set #{permission_set[:id]}" unless @options[:plain]
+                output.puts permission_set[:id] if @options[:name]
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end