extern/zrok
1
1
Fork 0
mirror of https://github.com/openziti/zrok.git synced 2025-06-19 17:27:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

cli wiring for 'zrok share public' and 'zrok reserve' for closed permission mode (#432)

Browse Source
This commit is contained in:
Michael Quigley 2024-03-05 13:32:07 -05:00
parent 7e7671fca2
commit 3c8e5cc3a8
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/zrok/reserve.go
View File

@ -26,6 +26,8 @@ type reserveCommand struct {
oauthProvider string oauthProvider string
oauthEmailAddressPatterns []string oauthEmailAddressPatterns []string
oauthCheckInterval time.Duration oauthCheckInterval time.Duration
closed bool
accessGrants []string
cmd *cobra.Command cmd *cobra.Command
} }
@ -45,6 +47,8 @@ func newReserveCommand() *reserveCommand {
cmd.Flags().StringArrayVar(&command.oauthEmailAddressPatterns, "oauth-email-address-patterns", []string{}, "Allow only these email domains to authenticate via OAuth") cmd.Flags().StringArrayVar(&command.oauthEmailAddressPatterns, "oauth-email-address-patterns", []string{}, "Allow only these email domains to authenticate via OAuth")
cmd.Flags().DurationVar(&command.oauthCheckInterval, "oauth-check-interval", 3*time.Hour, "Maximum lifetime for OAuth authentication; reauthenticate after expiry") cmd.Flags().DurationVar(&command.oauthCheckInterval, "oauth-check-interval", 3*time.Hour, "Maximum lifetime for OAuth authentication; reauthenticate after expiry")
cmd.MarkFlagsMutuallyExclusive("basic-auth", "oauth-provider") cmd.MarkFlagsMutuallyExclusive("basic-auth", "oauth-provider")
cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)")
cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that area allowed to access this share (see --closed)")
cmd.Run = command.run cmd.Run = command.run
return command return command
@ -142,6 +146,10 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) {
req.OauthEmailAddressPatterns = cmd.oauthEmailAddressPatterns req.OauthEmailAddressPatterns = cmd.oauthEmailAddressPatterns
req.OauthAuthorizationCheckInterval = cmd.oauthCheckInterval req.OauthAuthorizationCheckInterval = cmd.oauthCheckInterval
} }
if cmd.closed {
req.PermissionMode = sdk.ClosedPermissionMode
req.AccessGrants = cmd.accessGrants
}
shr, err := sdk.CreateShare(env, req) shr, err := sdk.CreateShare(env, req)
if err != nil { if err != nil {
tui.Error("unable to create share", err) tui.Error("unable to create share", err)

8
cmd/zrok/sharePublic.go
View File

@ -33,6 +33,8 @@ type sharePublicCommand struct {
oauthProvider string oauthProvider string
oauthEmailAddressPatterns []string oauthEmailAddressPatterns []string
oauthCheckInterval time.Duration oauthCheckInterval time.Duration
closed bool
accessGrants []string
cmd *cobra.Command cmd *cobra.Command
} }
@ -47,6 +49,8 @@ func newSharePublicCommand() *sharePublicCommand {
cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, caddy, drive}") cmd.Flags().StringVarP(&command.backendMode, "backend-mode", "b", "proxy", "The backend mode {proxy, web, caddy, drive}")
cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless") cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless")
cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>") cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for <target>")
cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)")
cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that area allowed to access this share (see --closed)")
cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)") cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (<username:password>,...)")
cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]") cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]")
@ -113,6 +117,10 @@ func (cmd *sharePublicCommand) run(_ *cobra.Command, args []string) {
BasicAuth: cmd.basicAuth, BasicAuth: cmd.basicAuth,
Target: target, Target: target,
} }
if cmd.closed {
req.PermissionMode = sdk.ClosedPermissionMode
req.AccessGrants = cmd.accessGrants
}
if cmd.oauthProvider != "" { if cmd.oauthProvider != "" {
req.OauthProvider = cmd.oauthProvider req.OauthProvider = cmd.oauthProvider
req.OauthEmailAddressPatterns = cmd.oauthEmailAddressPatterns req.OauthEmailAddressPatterns = cmd.oauthEmailAddressPatterns