Commit 1dce0c1b authored by Chelsea Komlo's avatar Chelsea Komlo Committed by GitHub
Browse files

Merge pull request #3226 from hashicorp/f-acl-cli-info

Add ACL token info
Showing with 182 additions and 0 deletions
+182 -0
package command
import (
"fmt"
"strings"
"github.com/posener/complete"
)
type ACLTokenInfoCommand struct {
Meta
}
func (c *ACLTokenInfoCommand) Help() string {
helpText := `
Usage: nomad acl token info <token_accessor_id>
Info is used to fetch information on an existing ACL tokens. Requires a management token.
General Options:
` + generalOptionsUsage()
return strings.TrimSpace(helpText)
}
func (c *ACLTokenInfoCommand) AutocompleteFlags() complete.Flags {
return mergeAutocompleteFlags(c.Meta.AutocompleteFlags(FlagSetClient),
complete.Flags{})
}
func (c *ACLTokenInfoCommand) AutocompleteArgs() complete.Predictor {
return complete.PredictNothing
}
func (c *ACLTokenInfoCommand) Synopsis() string {
return "Fetch information on an existing ACL token"
}
func (c *ACLTokenInfoCommand) Run(args []string) int {
flags := c.Meta.FlagSet("acl token info", FlagSetClient)
flags.Usage = func() { c.Ui.Output(c.Help()) }
if err := flags.Parse(args); err != nil {
return 1
}
// Check that we have exactly one argument
args = flags.Args()
if l := len(args); l != 1 {
c.Ui.Error(c.Help())
return 1
}
tokenAccessorID := args[0]
// Get the HTTP client
client, err := c.Meta.Client()
if err != nil {
c.Ui.Error(fmt.Sprintf("Error initializing client: %s", err))
return 1
}
// Get the specified token information
token, _, err := client.ACLTokens().Info(tokenAccessorID, nil)
if err != nil {
c.Ui.Error(fmt.Sprintf("Error fetching token: %s", err))
return 1
}
// Format the output
c.Ui.Output(formatKVACLToken(token))
return 0
}
package command
import (
"os"
"strings"
"testing"
"github.com/hashicorp/nomad/acl"
"github.com/hashicorp/nomad/command/agent"
"github.com/hashicorp/nomad/nomad/mock"
"github.com/hashicorp/nomad/nomad/structs"
"github.com/mitchellh/cli"
"github.com/stretchr/testify/assert"
)
func TestACLTokenInfoCommand_ViaEnvVar(t *testing.T) {
assert := assert.New(t)
t.Parallel()
config := func(c *agent.Config) {
c.ACL.Enabled = true
}
srv, _, url := testServer(t, true, config)
defer srv.Shutdown()
state := srv.Agent.Server().State()
// Bootstrap an initial ACL token
token := srv.Token
assert.NotNil(token, "failed to bootstrap ACL token")
ui := new(cli.MockUi)
cmd := &ACLTokenInfoCommand{Meta: Meta{Ui: ui, flagAddress: url}}
// Create a valid token
mockToken := mock.ACLToken()
mockToken.Policies = []string{acl.PolicyWrite}
mockToken.SetHash()
assert.Nil(state.UpsertACLTokens(1000, []*structs.ACLToken{mockToken}))
// Attempt to fetch info on a token without providing a valid management
// token
invalidToken := mock.ACLToken()
os.Setenv("NOMAD_TOKEN", invalidToken.SecretID)
code := cmd.Run([]string{"-address=" + url, mockToken.AccessorID})
assert.Equal(1, code)
// Fetch info on a token with a valid management token
os.Setenv("NOMAD_TOKEN", token.SecretID)
code = cmd.Run([]string{"-address=" + url, mockToken.AccessorID})
assert.Equal(0, code)
// Fetch info on a token with a valid management token via a CLI option
os.Setenv("NOMAD_TOKEN", "")
code = cmd.Run([]string{"-address=" + url, "-token=" + token.SecretID, mockToken.AccessorID})
assert.Equal(0, code)
// Check the output
out := ui.OutputWriter.String()
if !strings.Contains(out, mockToken.AccessorID) {
t.Fatalf("bad: %v", out)
}
}
......@@ -71,6 +71,11 @@ func Commands(metaPtr *command.Meta) map[string]cli.CommandFactory {
Meta: meta,
}, nil
},
"acl token info": func() (cli.Command, error) {
return &command.ACLTokenInfoCommand{
Meta: meta,
}, nil
},
"alloc-status": func() (cli.Command, error) {
return &command.AllocStatusCommand{
Meta: meta,
......
......@@ -25,6 +25,7 @@ subcommands are available:
* [`acl policy info`][policyinfo] - Fetch information on an existing ACL policy
* [`acl token create`][tokencreate] - Create new ACL token
* [`acl token delete`][tokendelete] - Delete an existing ACL token
* [`acl token info`][tokeninfo] - Get info on an existing ACL token
[bootstrap]: /docs/commands/acl/bootstrap.html
[policyapply]: /docs/commands/acl/policy-apply.html
......@@ -32,4 +33,5 @@ subcommands are available:
[policyinfo]: /docs/commands/acl/policy-info.html
[tokencreate]: /docs/commands/acl/token-create.html
[tokendelete]: /docs/commands/acl/token-delete.html
[tokeninfo]: /docs/commands/acl/token-info.html
---
layout: "docs"
page_title: "Commands: acl token info"
sidebar_current: "docs-commands-acl-token-info"
description: >
The token info command is used to fetch information about an existing ACL token.
---
# Command: acl token info
The `acl token info` command is used to fetch information about an existing ACL token.
## Usage
```
nomad acl token info <token_accessor_id>
```
The `acl token info` command requires an existing token's AccessorID.
## General Options
<%= partial "docs/commands/_general_options" %>
## Examples
Fetch information about an existing ACL token:
```
$ nomad acl token info d532c40a-30f1-695c-19e5-c35b882b0efd
Accessor ID = d532c40a-30f1-695c-19e5-c35b882b0efd
Secret ID = 85310d07-9afa-ef53-0933-0c043cd673c7
Name = my token
Type = client
Global = false
Policies = [foo bar]
Create Time = 2017-09-15 05:04:41.814954949 +0000 UTC
Create Index = 8
Modify Index = 8
```
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment