Auth CLI, continued

2025-06-25 22:08:03 +02:00 · 2022-01-23 23:02:39 -05:00 · 2022-01-23 23:02:39 -05:00 · 393f95aeac
commit 393f95aeac
parent 03a4e3e8e9
6 changed files with 183 additions and 43 deletions
--- a/cmd/user.go
+++ b/cmd/user.go
@ -69,7 +69,7 @@ var cmdUser = &cli.Command{
 			Name:    "list",
 			Aliases: []string{"chr"},
 			Usage:   "change user role",
-			Action:  execUserChangeRole,
+			Action:  execUserList,
 		},
 	},
 }
@ -150,6 +150,42 @@ func execUserChangeRole(c *cli.Context) error {
 	return nil
 }

+func execUserList(c *cli.Context) error {
+	manager, err := createAuthManager(c)
+	if err != nil {
+		return err
+	}
+	users, err := manager.Users()
+	if err != nil {
+		return err
+	}
+	return showUsers(c, users)
+}
+
+func showUsers(c *cli.Context, users []*auth.User) error {
+	for _, user := range users {
+		fmt.Fprintf(c.App.Writer, "User %s (%s)\n", user.Name, user.Role)
+		if user.Role == auth.RoleAdmin {
+			fmt.Fprintf(c.App.ErrWriter, "- read-write access to all topics (admin role)\n")
+		} else if len(user.Grants) > 0 {
+			for _, grant := range user.Grants {
+				if grant.Read && grant.Write {
+					fmt.Fprintf(c.App.ErrWriter, "- read-write access to topic %s\n", grant.Topic)
+				} else if grant.Read {
+					fmt.Fprintf(c.App.ErrWriter, "- read-only access to topic %s\n", grant.Topic)
+				} else if grant.Write {
+					fmt.Fprintf(c.App.ErrWriter, "- write-only access to topic %s\n", grant.Topic)
+				} else {
+					fmt.Fprintf(c.App.ErrWriter, "- no access to topic %s\n", grant.Topic)
+				}
+			}
+		} else {
+			fmt.Fprintf(c.App.ErrWriter, "- no topic-specific permissions\n")
+		}
+	}
+	return nil
+}
+
 func createAuthManager(c *cli.Context) (auth.Manager, error) {
 	authFile := c.String("auth-file")
 	authDefaultAccess := c.String("auth-default-access")