|
|
@ -7,14 +7,17 @@ |
|
|
# getruleid pass in a uri and identity and return the rule id |
|
|
# getruleid pass in a uri and identity and return the rule id |
|
|
# for example |
|
|
# for example |
|
|
# getruleid.py -u /SASVisualAnalytics/** -p "authenticatedUsers" |
|
|
# getruleid.py -u /SASVisualAnalytics/** -p "authenticatedUsers" |
|
|
|
|
|
# or |
|
|
|
|
|
# getruleid.py -c /folders/folders/dba5473d-afb4-44d4-866a-9671ed5878c2 -p "authenticatedusers" |
|
|
# |
|
|
# |
|
|
# Change History |
|
|
# Change History |
|
|
# |
|
|
# |
|
|
# 27JAN2017 Comments added |
|
|
# 27JAN2017 Comments added |
|
|
# 18JUN2018 Output JSON |
|
|
# 18JUN2018 Output JSON |
|
|
# 20Feb2020 make identity a required parameter |
|
|
# 20Feb2020 make identity a required parameter |
|
|
|
|
|
# 14Jul2021 Support getting rules that target container URIs |
|
|
# |
|
|
# |
|
|
# Copyright © 2018, SAS Institute Inc., Cary, NC, USA. All Rights Reserved. |
|
|
# Copyright © 2018-2021, SAS Institute Inc., Cary, NC, USA. All Rights Reserved. |
|
|
# |
|
|
# |
|
|
# Licensed under the Apache License, Version 2.0 (the License); |
|
|
# Licensed under the Apache License, Version 2.0 (the License); |
|
|
# you may not use this file except in compliance with the License. |
|
|
# you may not use this file except in compliance with the License. |
|
|
@ -30,27 +33,53 @@ |
|
|
# |
|
|
# |
|
|
|
|
|
|
|
|
import argparse |
|
|
import argparse |
|
|
|
|
|
import sys |
|
|
|
|
|
|
|
|
from sharedfunctions import callrestapi, printresult |
|
|
from sharedfunctions import callrestapi, printresult |
|
|
|
|
|
|
|
|
|
|
|
debug=False |
|
|
|
|
|
|
|
|
|
|
|
# Define exception handler so that we only output trace info from errors when in debug mode |
|
|
|
|
|
def exception_handler(exception_type, exception, traceback, debug_hook=sys.excepthook): |
|
|
|
|
|
if debug: |
|
|
|
|
|
debug_hook(exception_type, exception, traceback) |
|
|
|
|
|
else: |
|
|
|
|
|
print "%s: %s" % (exception_type.__name__, exception) |
|
|
|
|
|
|
|
|
|
|
|
sys.excepthook = exception_handler |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# setup command-line arguements |
|
|
# setup command-line arguements |
|
|
parser = argparse.ArgumentParser() |
|
|
parser = argparse.ArgumentParser() |
|
|
|
|
|
|
|
|
parser.add_argument("-u","--objecturi", help="Enter the objecturi.",required='True') |
|
|
parser.add_argument("-u","--objecturi", help="objectURI. You must specify either -u objectURI or -c containerURI.") |
|
|
|
|
|
parser.add_argument("-c","--containeruri", help="containerURI. You must specify either -u objectURI or -c containerURI.") |
|
|
parser.add_argument("-p","--principal", help="Enter the identity name or authenticatedUsers, everyone or guest",required='True') |
|
|
parser.add_argument("-p","--principal", help="Enter the identity name or authenticatedUsers, everyone or guest",required='True') |
|
|
parser.add_argument("-o","--output", help="Output Style", choices=['csv','json','simple','simplejson'],default='json') |
|
|
parser.add_argument("-o","--output", help="Output Style", choices=['csv','json','simple','simplejson'],default='json') |
|
|
|
|
|
|
|
|
args = parser.parse_args() |
|
|
args = parser.parse_args() |
|
|
objuri=args.objecturi |
|
|
objuri=args.objecturi |
|
|
|
|
|
conturi=args.containeruri |
|
|
ident=args.principal |
|
|
ident=args.principal |
|
|
output_style=args.output |
|
|
output_style=args.output |
|
|
|
|
|
|
|
|
|
|
|
if objuri and conturi: |
|
|
|
|
|
raise Exception('You must specify either -u objectURI or -c containerURI, but not both.') |
|
|
|
|
|
if objuri is None and conturi is None: |
|
|
|
|
|
raise Exception('You must specify either -u objectURI or -c containerURI. You may not specify both.') |
|
|
|
|
|
|
|
|
if ident.lower()=='authenticatedusers': ident='authenticatedUsers' |
|
|
if ident.lower()=='authenticatedusers': ident='authenticatedUsers' |
|
|
|
|
|
|
|
|
if ident=='guest' or ident=='everyone' or ident=='authenticatedUsers': |
|
|
if ident=='guest' or ident=='everyone' or ident=='authenticatedUsers': |
|
|
|
|
|
if objuri: |
|
|
reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(objectUri,'"+objuri+"'))" |
|
|
reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(objectUri,'"+objuri+"'))" |
|
|
|
|
|
else: |
|
|
|
|
|
reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(containerUri,'"+conturi+"'))" |
|
|
else: |
|
|
else: |
|
|
|
|
|
if objuri: |
|
|
reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(objectUri,'"+objuri+"'))" |
|
|
reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(objectUri,'"+objuri+"'))" |
|
|
|
|
|
else: |
|
|
|
|
|
reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(containerUri,'"+conturi+"'))" |
|
|
|
|
|
|
|
|
reqtype='get' |
|
|
reqtype='get' |
|
|
|
|
|
|
|
|
|
David Stern
5 years ago
GitHub