From b4d3a5b89dff70148ab3f28956a80775d69325da Mon Sep 17 00:00:00 2001 From: Michael Quigley Date: Wed, 25 Jun 2025 13:03:25 -0400 Subject: [PATCH] create/delete frontend grant cli; api testing (#992) --- cmd/zrok/adminCreateFrontend.go | 7 +--- cmd/zrok/adminCreateFrontendGrant.go | 56 ++++++++++++++++++++++++++++ cmd/zrok/adminDeleteFrontendGrant.go | 56 ++++++++++++++++++++++++++++ controller/addFrontendGrant.go | 7 +++- controller/deleteFrontendGrant.go | 5 +++ 5 files changed, 125 insertions(+), 6 deletions(-) create mode 100644 cmd/zrok/adminCreateFrontendGrant.go create mode 100644 cmd/zrok/adminDeleteFrontendGrant.go diff --git a/cmd/zrok/adminCreateFrontend.go b/cmd/zrok/adminCreateFrontend.go index 01460e9c..4af02572 100644 --- a/cmd/zrok/adminCreateFrontend.go +++ b/cmd/zrok/adminCreateFrontend.go @@ -7,7 +7,6 @@ import ( "github.com/openziti/zrok/tui" "github.com/sirupsen/logrus" "github.com/spf13/cobra" - "os" ) func init() { @@ -36,12 +35,12 @@ func (cmd *adminCreateFrontendCommand) run(_ *cobra.Command, args []string) { publicName := args[1] urlTemplate := args[2] - env, err := environment.LoadRoot() + root, err := environment.LoadRoot() if err != nil { panic(err) } - zrok, err := env.Client() + zrok, err := root.Client() if err != nil { panic(err) } @@ -61,10 +60,8 @@ func (cmd *adminCreateFrontendCommand) run(_ *cobra.Command, args []string) { switch err.(type) { case *admin.CreateFrontendBadRequest: tui.Error("create frontend request failed: name already exists", err) - os.Exit(1) default: tui.Error("create frontend request failed", err) - os.Exit(1) } } diff --git a/cmd/zrok/adminCreateFrontendGrant.go b/cmd/zrok/adminCreateFrontendGrant.go new file mode 100644 index 00000000..95db48a3 --- /dev/null +++ b/cmd/zrok/adminCreateFrontendGrant.go @@ -0,0 +1,56 @@ +package main + +import ( + "os" + + "github.com/openziti/zrok/environment" + "github.com/openziti/zrok/rest_client_zrok/admin" + "github.com/sirupsen/logrus" + "github.com/spf13/cobra" +) + +func init() { + adminCreateCmd.AddCommand(newAdminCreateFrontendGrantCommand().cmd) +} + +type adminCreateFrontendGrantCommand struct { + cmd *cobra.Command +} + +func newAdminCreateFrontendGrantCommand() *adminCreateFrontendGrantCommand { + cmd := &cobra.Command{ + Use: "frontend-grant ", + Aliases: []string{"fg"}, + Short: "Grant an account access to a frontend", + Args: cobra.ExactArgs(2), + } + command := &adminCreateFrontendGrantCommand{cmd: cmd} + cmd.Run = command.run + return command +} + +func (cmd *adminCreateFrontendGrantCommand) run(_ *cobra.Command, args []string) { + frontendToken := args[0] + accountEmail := args[1] + + root, err := environment.LoadRoot() + if err != nil { + panic(err) + } + + zrok, err := root.Client() + if err != nil { + panic(err) + } + + req := admin.NewAddFrontendGrantParams() + req.Body.FrontendToken = frontendToken + req.Body.Email = accountEmail + + if _, err = zrok.Admin.AddFrontendGrant(req, mustGetAdminAuth()); err != nil { + logrus.Errorf("error addming frontend grant: %v", err) + os.Exit(1) + } + + logrus.Infof("added frontend ('%v') grant for '%v'", frontendToken, accountEmail) +} diff --git a/cmd/zrok/adminDeleteFrontendGrant.go b/cmd/zrok/adminDeleteFrontendGrant.go new file mode 100644 index 00000000..f078dec8 --- /dev/null +++ b/cmd/zrok/adminDeleteFrontendGrant.go @@ -0,0 +1,56 @@ +package main + +import ( + "os" + + "github.com/openziti/zrok/environment" + "github.com/openziti/zrok/rest_client_zrok/admin" + "github.com/sirupsen/logrus" + "github.com/spf13/cobra" +) + +func init() { + adminDeleteCmd.AddCommand(newAdminDeleteFrontendGrantCommand().cmd) +} + +type adminDeleteFrontendGrantCommand struct { + cmd *cobra.Command +} + +func newAdminDeleteFrontendGrantCommand() *adminDeleteFrontendGrantCommand { + cmd := &cobra.Command{ + Use: "frontend-grant ", + Aliases: []string{"fg"}, + Short: "Remove account access from a frontend", + Args: cobra.ExactArgs(2), + } + command := &adminDeleteFrontendGrantCommand{cmd: cmd} + cmd.Run = command.run + return command +} + +func (cmd *adminDeleteFrontendGrantCommand) run(_ *cobra.Command, args []string) { + frontendToken := args[0] + accountEmail := args[1] + + root, err := environment.LoadRoot() + if err != nil { + panic(err) + } + + zrok, err := root.Client() + if err != nil { + panic(err) + } + + req := admin.NewDeleteFrontendGrantParams() + req.Body.FrontendToken = frontendToken + req.Body.Email = accountEmail + + if _, err := zrok.Admin.DeleteFrontendGrant(req, mustGetAdminAuth()); err != nil { + logrus.Errorf("error deleting frontend grant: %v", err) + os.Exit(1) + } + + logrus.Infof("deleted frontend ('%v') grant for '%v'", frontendToken, accountEmail) +} diff --git a/controller/addFrontendGrant.go b/controller/addFrontendGrant.go index 4b5b1f57..d1dd7223 100644 --- a/controller/addFrontendGrant.go +++ b/controller/addFrontendGrant.go @@ -50,7 +50,12 @@ func (h *addFrontendGrantHandler) Handle(params admin.AddFrontendGrantParams, pr return admin.NewAddFrontendGrantInternalServerError() } logrus.Infof("granted '%v' access to frontend '%v'", acct.Email, fe.Token) - + + if err := trx.Commit(); err != nil { + logrus.Errorf("error committing transaction: %v", err) + return admin.NewAddFrontendGrantInternalServerError() + } + } else { logrus.Infof("account '%v' already granted access to frontend '%v'", acct.Email, fe.Token) } diff --git a/controller/deleteFrontendGrant.go b/controller/deleteFrontendGrant.go index 4313bd79..7c35da52 100644 --- a/controller/deleteFrontendGrant.go +++ b/controller/deleteFrontendGrant.go @@ -51,6 +51,11 @@ func (h *deleteFrontendGrantHandler) Handle(params admin.DeleteFrontendGrantPara } logrus.Infof("deleted '%v' access to frontend '%v'", acct.Email, fe.Token) + if err := trx.Commit(); err != nil { + logrus.Errorf("error committing transaction: %v", err) + return admin.NewAddFrontendGrantInternalServerError() + } + } else { logrus.Infof("account '%v' not granted access to frontend '%v'", acct.Email, fe.Token) }