trifid/tfcli/src/role.rs

use std::error::Error;
use std::fs;
use serde::{Deserialize, Serialize};
use url::Url;
use crate::api::APIErrorResponse;
use crate::{RoleCommands};

pub async fn role_main(command: RoleCommands, server: Url) -> Result<(), Box<dyn Error>> {
    match command {
        RoleCommands::List {} => list_roles(server).await,
        RoleCommands::Lookup {id} => get_role(id, server).await,
        RoleCommands::Create { name, description, rules_json } => create_role(name, description, rules_json, server).await,
        RoleCommands::Delete { id } => delete_role(id, server).await,
        RoleCommands::Update { id, description, rules_json } => update_role(id, description, rules_json, server).await
    }
}

#[derive(Deserialize)]
pub struct RoleListResp {
    pub data: Vec<Role>
}

#[derive(Deserialize)]
pub struct Role {
    pub id: String,
    pub name: String,
    pub description: String,
    #[serde(rename = "firewallRules")]
    pub firewall_rules: Vec<RoleFirewallRule>,
    #[serde(rename = "createdAt")]
    pub created_at: String,
    #[serde(rename = "modifiedAt")]
    pub modified_at: String
}
#[derive(Deserialize, Serialize)]
pub struct RoleFirewallRule {
    pub protocol: String,
    pub description: String,
    #[serde(rename = "allowedRoleID")]
    pub allowed_role_id: Option<String>,
    #[serde(rename = "portRange")]
    pub port_range: Option<RoleFirewallRulePortRange>
}
#[derive(Deserialize, Serialize)]
pub struct RoleFirewallRulePortRange {
    pub from: u16,
    pub to: u16
}

pub async fn list_roles(server: Url) -> Result<(), Box<dyn Error>> {
    let client = reqwest::Client::new();

    // load session token
    let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");
    let session_token = fs::read_to_string(&sess_token_store)?;
    let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");
    let auth_token = fs::read_to_string(&auth_token_store)?;

    let token = format!("{} {}", session_token, auth_token);

    let res = client.get(server.join("/v1/roles")?).bearer_auth(token).send().await?;

    if res.status().is_success() {
        let resp: RoleListResp = res.json().await?;

        for role in &resp.data {
            println!("            Role: {} ({})", role.name, role.id);
            println!("     Description: {}", role.description);
            for rule in &role.firewall_rules {
                println!("Rule Description: {}", rule.description);
                println!("    Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));
                println!("        Protocol: {}", rule.protocol);
                println!("      Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });
            }
            println!("         Created: {}", role.created_at);
            println!("         Updated: {}", role.modified_at);
        }

        if resp.data.is_empty() {
            println!("No roles found");
        }
    } else {
        let resp: APIErrorResponse = res.json().await?;

        eprintln!("[error] Error listing roles: {} {}", resp.errors[0].code, resp.errors[0].message);

        std::process::exit(1);
    }

    Ok(())
}

#[derive(Deserialize)]
pub struct RoleGetResponse {
    pub data: Role
}

pub async fn get_role(id: String, server: Url) -> Result<(), Box<dyn Error>> {
    let client = reqwest::Client::new();

    // load session token
    let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");
    let session_token = fs::read_to_string(&sess_token_store)?;
    let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");
    let auth_token = fs::read_to_string(&auth_token_store)?;

    let token = format!("{} {}", session_token, auth_token);

    let res = client.get(server.join(&format!("/v1/roles/{}", id))?).bearer_auth(token).send().await?;

    if res.status().is_success() {
        let role: Role = res.json::<RoleGetResponse>().await?.data;

        println!("            Role: {} ({})", role.name, role.id);
        println!("     Description: {}", role.description);
        for rule in &role.firewall_rules {
            println!("Rule Description: {}", rule.description);
            println!("    Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));
            println!("        Protocol: {}", rule.protocol);
            println!("      Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });
        }
        println!("         Created: {}", role.created_at);
        println!("         Updated: {}", role.modified_at);

    } else {
        let resp: APIErrorResponse = res.json().await?;

        eprintln!("[error] Error listing roles: {} {}", resp.errors[0].code, resp.errors[0].message);

        std::process::exit(1);
    }

    Ok(())
}

#[derive(Serialize)]
pub struct RoleCreateBody {
    pub name: String,
    pub description: String,
    #[serde(rename = "firewallRules")]
    pub firewall_rules: Vec<RoleFirewallRule>
}

pub async fn create_role(name: String, description: String, rules_json: String, server: Url) -> Result<(), Box<dyn Error>> {
    let client = reqwest::Client::new();

    let rules: Vec<RoleFirewallRule> = match serde_json::from_str(&rules_json) {
        Ok(r) => r,
        Err(e) => {
            eprintln!("[error] error parsing rulesJson: {}", e);
            std::process::exit(1);
        }
    };

    // load session token
    let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");
    let session_token = fs::read_to_string(&sess_token_store)?;
    let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");
    let auth_token = fs::read_to_string(&auth_token_store)?;

    let token = format!("{} {}", session_token, auth_token);

    let res = client.post(server.join(&format!("/v1/roles"))?).json(&RoleCreateBody {
        name,
        description,
        firewall_rules: rules,
    }).bearer_auth(token).send().await?;

    if res.status().is_success() {
        let role: Role = res.json::<RoleGetResponse>().await?.data;

        println!("            Role: {} ({})", role.name, role.id);
        println!("     Description: {}", role.description);
        for rule in &role.firewall_rules {
            println!("Rule Description: {}", rule.description);
            println!("    Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));
            println!("        Protocol: {}", rule.protocol);
            println!("      Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });
        }
        println!("         Created: {}", role.created_at);
        println!("         Updated: {}", role.modified_at);

    } else {
        let resp: APIErrorResponse = res.json().await?;

        eprintln!("[error] Error creating role: {} {}", resp.errors[0].code, resp.errors[0].message);

        std::process::exit(1);
    }

    Ok(())
}

#[derive(Serialize)]
pub struct RoleUpdateBody {
    pub description: String,
    #[serde(rename = "firewallRules")]
    pub firewall_rules: Vec<RoleFirewallRule>
}

pub async fn update_role(id: String, description: String, rules_json: String, server: Url) -> Result<(), Box<dyn Error>> {
    let client = reqwest::Client::new();

    let rules: Vec<RoleFirewallRule> = match serde_json::from_str(&rules_json) {
        Ok(r) => r,
        Err(e) => {
            eprintln!("[error] error parsing rulesJson: {}", e);
            std::process::exit(1);
        }
    };

    // load session token
    let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");
    let session_token = fs::read_to_string(&sess_token_store)?;
    let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");
    let auth_token = fs::read_to_string(&auth_token_store)?;

    let token = format!("{} {}", session_token, auth_token);

    let res = client.put(server.join(&format!("/v1/roles/{}", id))?).json(&RoleUpdateBody {
        description,
        firewall_rules: rules,
    }).bearer_auth(token).send().await?;

    if res.status().is_success() {
        let role: Role = res.json::<RoleGetResponse>().await?.data;

        println!("            Role: {} ({})", role.name, role.id);
        println!("     Description: {}", role.description);
        for rule in &role.firewall_rules {
            println!("Rule Description: {}", rule.description);
            println!("    Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));
            println!("        Protocol: {}", rule.protocol);
            println!("      Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });
        }
        println!("         Created: {}", role.created_at);
        println!("         Updated: {}", role.modified_at);

    } else {
        let resp: APIErrorResponse = res.json().await?;

        eprintln!("[error] Error updating role: {} {}", resp.errors[0].code, resp.errors[0].message);

        std::process::exit(1);
    }

    Ok(())
}

pub async fn delete_role(id: String, server: Url) -> Result<(), Box<dyn Error>> {
    let client = reqwest::Client::new();

    // load session token
    let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");
    let session_token = fs::read_to_string(&sess_token_store)?;
    let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");
    let auth_token = fs::read_to_string(&auth_token_store)?;

    let token = format!("{} {}", session_token, auth_token);

    let res = client.delete(server.join(&format!("/v1/roles/{}", id))?).bearer_auth(token).send().await?;

    if res.status().is_success() {
        println!("Role removed");
    } else {
        let resp: APIErrorResponse = res.json().await?;

        eprintln!("[error] Error removing role: {} {}", resp.errors[0].code, resp.errors[0].message);

        std::process::exit(1);
    }

    Ok(())
}
role cli 2023-06-16 02:00:09 +00:00			`use std::error::Error;`
			`use std::fs;`
			`use serde::{Deserialize, Serialize};`
			`use url::Url;`
			`use crate::api::APIErrorResponse;`
			`use crate::{RoleCommands};`

			`pub async fn role_main(command: RoleCommands, server: Url) -> Result<(), Box<dyn Error>> {`
			`match command {`
			`RoleCommands::List {} => list_roles(server).await,`
			`RoleCommands::Lookup {id} => get_role(id, server).await,`
			`RoleCommands::Create { name, description, rules_json } => create_role(name, description, rules_json, server).await,`
			`RoleCommands::Delete { id } => delete_role(id, server).await,`
			`RoleCommands::Update { id, description, rules_json } => update_role(id, description, rules_json, server).await`
			`}`
			`}`

			`#[derive(Deserialize)]`
			`pub struct RoleListResp {`
			`pub data: Vec<Role>`
			`}`

			`#[derive(Deserialize)]`
			`pub struct Role {`
			`pub id: String,`
			`pub name: String,`
			`pub description: String,`
			`#[serde(rename = "firewallRules")]`
			`pub firewall_rules: Vec<RoleFirewallRule>,`
			`#[serde(rename = "createdAt")]`
			`pub created_at: String,`
			`#[serde(rename = "modifiedAt")]`
			`pub modified_at: String`
			`}`
			`#[derive(Deserialize, Serialize)]`
			`pub struct RoleFirewallRule {`
			`pub protocol: String,`
			`pub description: String,`
			`#[serde(rename = "allowedRoleID")]`
			`pub allowed_role_id: Option<String>,`
			`#[serde(rename = "portRange")]`
			`pub port_range: Option<RoleFirewallRulePortRange>`
			`}`
			`#[derive(Deserialize, Serialize)]`
			`pub struct RoleFirewallRulePortRange {`
			`pub from: u16,`
			`pub to: u16`
			`}`

			`pub async fn list_roles(server: Url) -> Result<(), Box<dyn Error>> {`
			`let client = reqwest::Client::new();`

			`// load session token`
			`let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");`
			`let session_token = fs::read_to_string(&sess_token_store)?;`
			`let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");`
			`let auth_token = fs::read_to_string(&auth_token_store)?;`

			`let token = format!("{} {}", session_token, auth_token);`

			`let res = client.get(server.join("/v1/roles")?).bearer_auth(token).send().await?;`

			`if res.status().is_success() {`
			`let resp: RoleListResp = res.json().await?;`

			`for role in &resp.data {`
			`println!(" Role: {} ({})", role.name, role.id);`
			`println!(" Description: {}", role.description);`
			`for rule in &role.firewall_rules {`
			`println!("Rule Description: {}", rule.description);`
			`println!(" Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));`
			`println!(" Protocol: {}", rule.protocol);`
			`println!(" Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });`
			`}`
			`println!(" Created: {}", role.created_at);`
			`println!(" Updated: {}", role.modified_at);`
			`}`

			`if resp.data.is_empty() {`
			`println!("No roles found");`
			`}`
			`} else {`
			`let resp: APIErrorResponse = res.json().await?;`

			`eprintln!("[error] Error listing roles: {} {}", resp.errors[0].code, resp.errors[0].message);`

			`std::process::exit(1);`
			`}`

			`Ok(())`
			`}`

			`#[derive(Deserialize)]`
			`pub struct RoleGetResponse {`
			`pub data: Role`
			`}`

			`pub async fn get_role(id: String, server: Url) -> Result<(), Box<dyn Error>> {`
			`let client = reqwest::Client::new();`

			`// load session token`
			`let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");`
			`let session_token = fs::read_to_string(&sess_token_store)?;`
			`let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");`
			`let auth_token = fs::read_to_string(&auth_token_store)?;`

			`let token = format!("{} {}", session_token, auth_token);`

			`let res = client.get(server.join(&format!("/v1/roles/{}", id))?).bearer_auth(token).send().await?;`

			`if res.status().is_success() {`
			`let role: Role = res.json::<RoleGetResponse>().await?.data;`

			`println!(" Role: {} ({})", role.name, role.id);`
			`println!(" Description: {}", role.description);`
			`for rule in &role.firewall_rules {`
			`println!("Rule Description: {}", rule.description);`
			`println!(" Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));`
			`println!(" Protocol: {}", rule.protocol);`
			`println!(" Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });`
			`}`
			`println!(" Created: {}", role.created_at);`
			`println!(" Updated: {}", role.modified_at);`

			`} else {`
			`let resp: APIErrorResponse = res.json().await?;`

			`eprintln!("[error] Error listing roles: {} {}", resp.errors[0].code, resp.errors[0].message);`

			`std::process::exit(1);`
			`}`

			`Ok(())`
			`}`

			`#[derive(Serialize)]`
			`pub struct RoleCreateBody {`
			`pub name: String,`
			`pub description: String,`
			`#[serde(rename = "firewallRules")]`
			`pub firewall_rules: Vec<RoleFirewallRule>`
			`}`

			`pub async fn create_role(name: String, description: String, rules_json: String, server: Url) -> Result<(), Box<dyn Error>> {`
			`let client = reqwest::Client::new();`

			`let rules: Vec<RoleFirewallRule> = match serde_json::from_str(&rules_json) {`
			`Ok(r) => r,`
			`Err(e) => {`
			`eprintln!("[error] error parsing rulesJson: {}", e);`
			`std::process::exit(1);`
			`}`
			`};`

			`// load session token`
			`let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");`
			`let session_token = fs::read_to_string(&sess_token_store)?;`
			`let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");`
			`let auth_token = fs::read_to_string(&auth_token_store)?;`

			`let token = format!("{} {}", session_token, auth_token);`

			`let res = client.post(server.join(&format!("/v1/roles"))?).json(&RoleCreateBody {`
			`name,`
			`description,`
			`firewall_rules: rules,`
			`}).bearer_auth(token).send().await?;`

			`if res.status().is_success() {`
			`let role: Role = res.json::<RoleGetResponse>().await?.data;`

			`println!(" Role: {} ({})", role.name, role.id);`
			`println!(" Description: {}", role.description);`
			`for rule in &role.firewall_rules {`
			`println!("Rule Description: {}", rule.description);`
			`println!(" Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));`
			`println!(" Protocol: {}", rule.protocol);`
			`println!(" Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });`
			`}`
			`println!(" Created: {}", role.created_at);`
			`println!(" Updated: {}", role.modified_at);`

			`} else {`
			`let resp: APIErrorResponse = res.json().await?;`

			`eprintln!("[error] Error creating role: {} {}", resp.errors[0].code, resp.errors[0].message);`

			`std::process::exit(1);`
			`}`

			`Ok(())`
			`}`

			`#[derive(Serialize)]`
			`pub struct RoleUpdateBody {`
			`pub description: String,`
			`#[serde(rename = "firewallRules")]`
			`pub firewall_rules: Vec<RoleFirewallRule>`
			`}`

			`pub async fn update_role(id: String, description: String, rules_json: String, server: Url) -> Result<(), Box<dyn Error>> {`
			`let client = reqwest::Client::new();`

			`let rules: Vec<RoleFirewallRule> = match serde_json::from_str(&rules_json) {`
			`Ok(r) => r,`
			`Err(e) => {`
			`eprintln!("[error] error parsing rulesJson: {}", e);`
			`std::process::exit(1);`
			`}`
			`};`

			`// load session token`
			`let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");`
			`let session_token = fs::read_to_string(&sess_token_store)?;`
			`let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");`
			`let auth_token = fs::read_to_string(&auth_token_store)?;`

			`let token = format!("{} {}", session_token, auth_token);`

			`let res = client.put(server.join(&format!("/v1/roles/{}", id))?).json(&RoleUpdateBody {`
			`description,`
			`firewall_rules: rules,`
			`}).bearer_auth(token).send().await?;`

			`if res.status().is_success() {`
			`let role: Role = res.json::<RoleGetResponse>().await?.data;`

			`println!(" Role: {} ({})", role.name, role.id);`
			`println!(" Description: {}", role.description);`
			`for rule in &role.firewall_rules {`
			`println!("Rule Description: {}", rule.description);`
			`println!(" Allowed Role: {}", rule.allowed_role_id.as_ref().unwrap_or(&"All roles".to_string()));`
			`println!(" Protocol: {}", rule.protocol);`
			`println!(" Port Range: {}", if let Some(pr) = rule.port_range.as_ref() { format!("{}-{}", pr.from, pr.to) } else { "Any".to_string() });`
			`}`
			`println!(" Created: {}", role.created_at);`
			`println!(" Updated: {}", role.modified_at);`

			`} else {`
			`let resp: APIErrorResponse = res.json().await?;`

			`eprintln!("[error] Error updating role: {} {}", resp.errors[0].code, resp.errors[0].message);`

			`std::process::exit(1);`
			`}`

			`Ok(())`
			`}`

			`pub async fn delete_role(id: String, server: Url) -> Result<(), Box<dyn Error>> {`
			`let client = reqwest::Client::new();`

			`// load session token`
			`let sess_token_store = dirs::config_dir().unwrap().join("tfcli-session.token");`
			`let session_token = fs::read_to_string(&sess_token_store)?;`
			`let auth_token_store = dirs::config_dir().unwrap().join("tfcli-auth.token");`
			`let auth_token = fs::read_to_string(&auth_token_store)?;`

			`let token = format!("{} {}", session_token, auth_token);`

			`let res = client.delete(server.join(&format!("/v1/roles/{}", id))?).bearer_auth(token).send().await?;`

			`if res.status().is_success() {`
			`println!("Role removed");`
			`} else {`
			`let resp: APIErrorResponse = res.json().await?;`

			`eprintln!("[error] Error removing role: {} {}", resp.errors[0].code, resp.errors[0].message);`

			`std::process::exit(1);`
			`}`

			`Ok(())`
			`}`