storj/cmd/uplink/cmd_access_create.go

// Copyright (C) 2021 Storj Labs, Inc.
// See LICENSE for copying information.

package main

import (
	"context"
	"fmt"
	"io"
	"strconv"
	"strings"

	"github.com/zeebo/clingy"
	"github.com/zeebo/errs"

	"storj.io/storj/cmd/uplink/ulext"
)

type cmdAccessCreate struct {
	ex ulext.External
	am accessMaker

	passphraseStdin bool
	satelliteAddr   string
	apiKey          string
	importAs        string
	exportTo        string

	unencryptedObjectKeys *bool
}

func newCmdAccessCreate(ex ulext.External) *cmdAccessCreate {
	return &cmdAccessCreate{ex: ex}
}

func (c *cmdAccessCreate) Setup(params clingy.Parameters) {
	c.passphraseStdin = params.Flag("passphrase-stdin", "If set, the passphrase is read from stdin, and all other values must be provided.", false,
		clingy.Transform(strconv.ParseBool),
		clingy.Boolean,
	).(bool)

	c.satelliteAddr = params.Flag("satellite-address", "Satellite address from satellite UI (prompted if unspecified)", "").(string)
	c.apiKey = params.Flag("api-key", "API key from satellite UI (prompted if unspecified)", "").(string)
	c.importAs = params.Flag("import-as", "Import the access as this name", "").(string)
	c.exportTo = params.Flag("export-to", "Export the access to this file path", "").(string)

	c.unencryptedObjectKeys = params.Flag("unencrypted-object-keys", "If set, the created access grant won't encrypt object keys", nil,
		clingy.Transform(strconv.ParseBool), clingy.Boolean, clingy.Optional,
	).(*bool)

	params.Break()
	c.am.Setup(params, c.ex)
}

func (c *cmdAccessCreate) Execute(ctx context.Context) (err error) {
	if c.satelliteAddr == "" {
		if c.passphraseStdin {
			return errs.New("Must specify the satellite address as a flag when passphrase-stdin is set.")
		}
		c.satelliteAddr, err = c.ex.PromptInput(ctx, "Satellite address:")
		if err != nil {
			return errs.Wrap(err)
		}
	}

	if c.apiKey == "" {
		if c.passphraseStdin {
			return errs.New("Must specify the api key as a flag when passphrase-stdin is set.")
		}
		c.apiKey, err = c.ex.PromptInput(ctx, "API key:")
		if err != nil {
			return errs.Wrap(err)
		}
	}

	unencryptedObjectKeys := false
	if c.unencryptedObjectKeys != nil {
		unencryptedObjectKeys = *c.unencryptedObjectKeys
	} else if !c.passphraseStdin {
		answer, err := c.ex.PromptInput(ctx, "Would you like to disable encryption for object keys (allows lexicographical sorting of objects in listings)? (y/N):")
		if err != nil {
			return errs.Wrap(err)
		}

		answer = strings.ToLower(answer)
		if answer == "y" || answer == "yes" {
			unencryptedObjectKeys = true
		}
	}

	var passphrase string
	if c.passphraseStdin {
		stdinData, err := io.ReadAll(clingy.Stdin(ctx))
		if err != nil {
			return errs.Wrap(err)
		}
		passphrase = strings.TrimRight(string(stdinData), "\r\n")
	} else {
		passphrase, err = c.ex.PromptSecret(ctx, "Passphrase:")
		if err != nil {
			return errs.Wrap(err)
		}
	}
	if passphrase == "" {
		return errs.New("Encryption passphrase must be non-empty")
	}

	access, err := c.ex.RequestAccess(ctx, c.satelliteAddr, c.apiKey, passphrase, unencryptedObjectKeys)
	if err != nil {
		return errs.Wrap(err)
	}

	access, err = c.am.Execute(ctx, c.importAs, access)
	if err != nil {
		return errs.Wrap(err)
	}

	if c.exportTo != "" {
		return c.ex.ExportAccess(ctx, access, c.exportTo)
	}

	if c.importAs != "" {
		return nil
	}

	serialized, err := access.Serialize()
	if err != nil {
		return errs.Wrap(err)
	}

	fmt.Fprintln(clingy.Stdout(ctx), serialized)

	return nil
}
cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00			`// Copyright (C) 2021 Storj Labs, Inc.`
			`// See LICENSE for copying information.`

			`package main`

			`import (`
go.mod: bump clingy dependency As a reminder: latest clingy removed the requirement of having custom context (which made the usage of context.WithValue harder) and uses simple context instead. Clingy saves the stdin/stdout/stderr to the context (earlier to separated context type) to make it available for unit testing. Change-Id: I8896574f4670721de43a577cd4b35952e3b5d00e 2022-08-30 10:51:31 +01:00			`"context"`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`"fmt"`
cmd/uplink: remove io/ioutil it has been deprecated since go1.16. Change-Id: I8c15b24176e5a4687fe297d569505e84fc5affda 2022-09-26 17:23:39 +01:00			`"io"`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`"strconv"`
			`"strings"`

cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00			`"github.com/zeebo/clingy"`
cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00			`"github.com/zeebo/errs"`
cmd/uplinkng: remove global flags this changes globalFlags to be a ulext.External interface value that is passed to each command. rather than have the ulext.External have a Setup call in the way that the projectProvider used to we make all of the state arguments to the functions and have the commands call setup themselves. the reason it is in its own package is so that cmd/uplinkng can import cmd/uplinkng/ultest but cmd/uplinkng/ultest needs to refer to whatever the interface type is to call the function that creates the commands. there's also quite a bit of shuffling around of code and names. sorry if that makes it tricky to review. there should be no logic changes, though. a side benefit is there's no longer a need to do a type assertion in ultest to make it set the fake filesystem to use. that can be passed in directly now. additionally, this makes the access commands much easier to test. Change-Id: I29cf6a2144248a58b7a605a7ae0a5ada5cfd57b6 2021-05-26 21:19:29 +01:00
cmd/uplinkng: become cmd/uplink Change-Id: If426c32219d32044d715ab6dfa9718807f32cb9f 2022-01-06 19:55:46 +00:00			`"storj.io/storj/cmd/uplink/ulext"`
cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00			`)`

			`type cmdAccessCreate struct {`
cmd/uplinkng: remove global flags this changes globalFlags to be a ulext.External interface value that is passed to each command. rather than have the ulext.External have a Setup call in the way that the projectProvider used to we make all of the state arguments to the functions and have the commands call setup themselves. the reason it is in its own package is so that cmd/uplinkng can import cmd/uplinkng/ultest but cmd/uplinkng/ultest needs to refer to whatever the interface type is to call the function that creates the commands. there's also quite a bit of shuffling around of code and names. sorry if that makes it tricky to review. there should be no logic changes, though. a side benefit is there's no longer a need to do a type assertion in ultest to make it set the fake filesystem to use. that can be passed in directly now. additionally, this makes the access commands much easier to test. Change-Id: I29cf6a2144248a58b7a605a7ae0a5ada5cfd57b6 2021-05-26 21:19:29 +01:00			`ex ulext.External`
cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00			`am accessMaker`
cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`passphraseStdin bool`
			`satelliteAddr string`
			`apiKey string`
			`importAs string`
			`exportTo string`
cmd/uplink: ability to opt-out from object key encryption Option added to `uplink access setup` and `uplink access create` commands to disable object key encryption. Related to https://github.com/storj/storj/issues/5678 Change-Id: I4789a94143742ff4b232fd60decc029ad2883c2a 2022-10-24 14:54:51 +01:00
			`unencryptedObjectKeys *bool`
cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00			`}`

cmd/uplinkng: remove global flags this changes globalFlags to be a ulext.External interface value that is passed to each command. rather than have the ulext.External have a Setup call in the way that the projectProvider used to we make all of the state arguments to the functions and have the commands call setup themselves. the reason it is in its own package is so that cmd/uplinkng can import cmd/uplinkng/ultest but cmd/uplinkng/ultest needs to refer to whatever the interface type is to call the function that creates the commands. there's also quite a bit of shuffling around of code and names. sorry if that makes it tricky to review. there should be no logic changes, though. a side benefit is there's no longer a need to do a type assertion in ultest to make it set the fake filesystem to use. that can be passed in directly now. additionally, this makes the access commands much easier to test. Change-Id: I29cf6a2144248a58b7a605a7ae0a5ada5cfd57b6 2021-05-26 21:19:29 +01:00			`func newCmdAccessCreate(ex ulext.External) *cmdAccessCreate {`
			`return &cmdAccessCreate{ex: ex}`
			`}`

cmd/uplinkng: update for breaking clingy changes clingy changed some and this is just fixes for that Change-Id: I729aed6329fe0988fcb9b4407f16966a753b3204 2021-05-25 00:11:50 +01:00			`func (c *cmdAccessCreate) Setup(params clingy.Parameters) {`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`c.passphraseStdin = params.Flag("passphrase-stdin", "If set, the passphrase is read from stdin, and all other values must be provided.", false,`
			`clingy.Transform(strconv.ParseBool),`
			`clingy.Boolean,`
			`).(bool)`

			`c.satelliteAddr = params.Flag("satellite-address", "Satellite address from satellite UI (prompted if unspecified)", "").(string)`
			`c.apiKey = params.Flag("api-key", "API key from satellite UI (prompted if unspecified)", "").(string)`
			`c.importAs = params.Flag("import-as", "Import the access as this name", "").(string)`
			`c.exportTo = params.Flag("export-to", "Export the access to this file path", "").(string)`
cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00
cmd/uplink: ability to opt-out from object key encryption Option added to `uplink access setup` and `uplink access create` commands to disable object key encryption. Related to https://github.com/storj/storj/issues/5678 Change-Id: I4789a94143742ff4b232fd60decc029ad2883c2a 2022-10-24 14:54:51 +01:00			`c.unencryptedObjectKeys = params.Flag("unencrypted-object-keys", "If set, the created access grant won't encrypt object keys", nil,`
			`clingy.Transform(strconv.ParseBool), clingy.Boolean, clingy.Optional,`
			`).(*bool)`

cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00			`params.Break()`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`c.am.Setup(params, c.ex)`
cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00			`}`

go.mod: bump clingy dependency As a reminder: latest clingy removed the requirement of having custom context (which made the usage of context.WithValue harder) and uses simple context instead. Clingy saves the stdin/stdout/stderr to the context (earlier to separated context type) to make it available for unit testing. Change-Id: I8896574f4670721de43a577cd4b35952e3b5d00e 2022-08-30 10:51:31 +01:00			`func (c *cmdAccessCreate) Execute(ctx context.Context) (err error) {`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`if c.satelliteAddr == "" {`
			`if c.passphraseStdin {`
			`return errs.New("Must specify the satellite address as a flag when passphrase-stdin is set.")`
			`}`
			`c.satelliteAddr, err = c.ex.PromptInput(ctx, "Satellite address:")`
cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00			`if err != nil {`
			`return errs.Wrap(err)`
			`}`
			`}`

cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`if c.apiKey == "" {`
			`if c.passphraseStdin {`
			`return errs.New("Must specify the api key as a flag when passphrase-stdin is set.")`
			`}`
			`c.apiKey, err = c.ex.PromptInput(ctx, "API key:")`
cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00			`if err != nil {`
			`return errs.Wrap(err)`
			`}`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`}`

cmd/uplink: ability to opt-out from object key encryption Option added to `uplink access setup` and `uplink access create` commands to disable object key encryption. Related to https://github.com/storj/storj/issues/5678 Change-Id: I4789a94143742ff4b232fd60decc029ad2883c2a 2022-10-24 14:54:51 +01:00			`unencryptedObjectKeys := false`
			`if c.unencryptedObjectKeys != nil {`
			`unencryptedObjectKeys = *c.unencryptedObjectKeys`
			`} else if !c.passphraseStdin {`
			`answer, err := c.ex.PromptInput(ctx, "Would you like to disable encryption for object keys (allows lexicographical sorting of objects in listings)? (y/N):")`
			`if err != nil {`
			`return errs.Wrap(err)`
			`}`

			`answer = strings.ToLower(answer)`
			`if answer == "y" \|\| answer == "yes" {`
			`unencryptedObjectKeys = true`
			`}`
			`}`

cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`var passphrase string`
			`if c.passphraseStdin {`
cmd/uplink: remove io/ioutil it has been deprecated since go1.16. Change-Id: I8c15b24176e5a4687fe297d569505e84fc5affda 2022-09-26 17:23:39 +01:00			`stdinData, err := io.ReadAll(clingy.Stdin(ctx))`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`if err != nil {`
			`return errs.Wrap(err)`
			`}`
			`passphrase = strings.TrimRight(string(stdinData), "\r\n")`
			`} else {`
			`passphrase, err = c.ex.PromptSecret(ctx, "Passphrase:")`
			`if err != nil {`
			`return errs.Wrap(err)`
cmd/uplinkng: secret prompting Change-Id: I1b407b59559281c2242b55ebcf835d465db38e1d 2021-08-02 17:54:30 +01:00			`}`
cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00			`}`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`if passphrase == "" {`
			`return errs.New("Encryption passphrase must be non-empty")`
			`}`
cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00
cmd/uplink: ability to opt-out from object key encryption Option added to `uplink access setup` and `uplink access create` commands to disable object key encryption. Related to https://github.com/storj/storj/issues/5678 Change-Id: I4789a94143742ff4b232fd60decc029ad2883c2a 2022-10-24 14:54:51 +01:00			`access, err := c.ex.RequestAccess(ctx, c.satelliteAddr, c.apiKey, passphrase, unencryptedObjectKeys)`
cmd/uplinkng: access creation/restriction and review fixes Change-Id: I649ae3615363685c28c39d1efb6a65fcad507f46 2021-06-22 23:41:22 +01:00			`if err != nil {`
			`return errs.Wrap(err)`
			`}`

cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00			`access, err = c.am.Execute(ctx, c.importAs, access)`
			`if err != nil {`
			`return errs.Wrap(err)`
			`}`

			`if c.exportTo != "" {`
			`return c.ex.ExportAccess(ctx, access, c.exportTo)`
			`}`

			`if c.importAs != "" {`
			`return nil`
			`}`

			`serialized, err := access.Serialize()`
			`if err != nil {`
			`return errs.Wrap(err)`
			`}`

go.mod: bump clingy dependency As a reminder: latest clingy removed the requirement of having custom context (which made the usage of context.WithValue harder) and uses simple context instead. Clingy saves the stdin/stdout/stderr to the context (earlier to separated context type) to make it available for unit testing. Change-Id: I8896574f4670721de43a577cd4b35952e3b5d00e 2022-08-30 10:51:31 +01:00			`fmt.Fprintln(clingy.Stdout(ctx), serialized)`
cmd/uplinkng: improvements to prepare for doc update * improve setup wizard * added access grant file support * improved consistency across commands * a couple bug fixes * added access import and export Change-Id: I30ad9d4771f15430904a503a4d465bc40be471b5 2022-01-25 23:39:26 +00:00
			`return nil`
cmd/uplinkng: initial commit with skeleton Change-Id: I764618cc60c46882955e9b08b72b3c162aa4929f 2021-03-31 16:56:34 +01:00			`}`