Added support for rules that target containerUri (#82)

getruleid.py

@@ -7,14 +7,17 @@
 # getruleid pass in a uri and identity and return the rule id
 # for example
 # getruleid.py -u /SASVisualAnalytics/** -p "authenticatedUsers"
+#  or
+# getruleid.py -c /folders/folders/dba5473d-afb4-44d4-866a-9671ed5878c2 -p "authenticatedusers"
 #
 # Change History
 #
 #  27JAN2017 Comments added
 #  18JUN2018 Output JSON
 #  20Feb2020 make identity a required parameter
+#  14Jul2021 Support getting rules that target container URIs
 #
-# Copyright © 2018, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+# Copyright © 2018-2021, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
 #
 #  Licensed under the Apache License, Version 2.0 (the License);
 #  you may not use this file except in compliance with the License.
@@ -30,27 +33,53 @@
 #
 
 import argparse
+import sys
 
 from sharedfunctions import callrestapi, printresult
 
+debug=False
+
+# Define exception handler so that we only output trace info from errors when in debug mode
+def exception_handler(exception_type, exception, traceback, debug_hook=sys.excepthook):
+    if debug:
+        debug_hook(exception_type, exception, traceback)
+    else:
+        print "%s: %s" % (exception_type.__name__, exception)
+
+sys.excepthook = exception_handler
+
+
 # setup command-line arguements
 parser = argparse.ArgumentParser()
 
-parser.add_argument("-u","--objecturi", help="Enter the objecturi.",required='True')
+parser.add_argument("-u","--objecturi", help="objectURI. You must specify either -u objectURI or -c containerURI.")
+parser.add_argument("-c","--containeruri", help="containerURI. You must specify either -u objectURI or -c containerURI.")
 parser.add_argument("-p","--principal", help="Enter the identity name or authenticatedUsers, everyone or guest",required='True')
 parser.add_argument("-o","--output", help="Output Style", choices=['csv','json','simple','simplejson'],default='json')
 
 args = parser.parse_args()
 objuri=args.objecturi
+conturi=args.containeruri
 ident=args.principal
 output_style=args.output
 
+if objuri and conturi:
+  raise Exception('You must specify either -u objectURI or -c containerURI, but not both.')
+if objuri is None and conturi is None:
+  raise Exception('You must specify either -u objectURI or -c containerURI. You may not specify both.')
+
 if ident.lower()=='authenticatedusers': ident='authenticatedUsers'
 
 if ident=='guest' or ident=='everyone' or ident=='authenticatedUsers':
-    reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(objectUri,'"+objuri+"'))"
+    if objuri:
+        reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(objectUri,'"+objuri+"'))"
+    else:
+        reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(containerUri,'"+conturi+"'))"
 else:
-    reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(objectUri,'"+objuri+"'))"
+    if objuri:
+        reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(objectUri,'"+objuri+"'))"
+    else:
+        reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(containerUri,'"+conturi+"'))"
 
 reqtype='get'