diff options
Diffstat (limited to 'deps/rabbitmq_cli/lib/rabbitmq/cli/ctl/commands/add_user_command.ex')
-rw-r--r-- | deps/rabbitmq_cli/lib/rabbitmq/cli/ctl/commands/add_user_command.ex | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/deps/rabbitmq_cli/lib/rabbitmq/cli/ctl/commands/add_user_command.ex b/deps/rabbitmq_cli/lib/rabbitmq/cli/ctl/commands/add_user_command.ex new file mode 100644 index 0000000000..514922cac9 --- /dev/null +++ b/deps/rabbitmq_cli/lib/rabbitmq/cli/ctl/commands/add_user_command.ex @@ -0,0 +1,98 @@ +## This Source Code Form is subject to the terms of the Mozilla Public +## License, v. 2.0. If a copy of the MPL was not distributed with this +## file, You can obtain one at https://mozilla.org/MPL/2.0/. +## +## Copyright (c) 2007-2020 VMware, Inc. or its affiliates. All rights reserved. + +defmodule RabbitMQ.CLI.Ctl.Commands.AddUserCommand do + alias RabbitMQ.CLI.Core.{DocGuide, ExitCodes, Helpers, Input} + import RabbitMQ.CLI.Core.Config, only: [output_less?: 1] + + @behaviour RabbitMQ.CLI.CommandBehaviour + + use RabbitMQ.CLI.Core.MergesNoDefaults + + def validate(args, _) when length(args) < 1, do: {:validation_failure, :not_enough_args} + def validate(args, _) when length(args) > 2, do: {:validation_failure, :too_many_args} + def validate([_], _), do: :ok + def validate(["", _], _) do + {:validation_failure, {:bad_argument, "user cannot be an empty string"}} + end + def validate([_, _], _), do: :ok + + use RabbitMQ.CLI.Core.RequiresRabbitAppRunning + + def run([username], %{node: node_name} = opts) do + # note: blank passwords are currently allowed, they make sense + # e.g. when a user only authenticates using X.509 certificates. + # Credential validators can be used to require passwords of a certain length + # or following a certain pattern. This is a core server responsibility. MK. + case Input.infer_password("Password: ", opts) do + :eof -> {:error, :not_enough_args} + password -> :rabbit_misc.rpc_call( + node_name, + :rabbit_auth_backend_internal, + :add_user, + [username, password, Helpers.cli_acting_user()] + ) + end + end + def run([username, password], %{node: node_name}) do + :rabbit_misc.rpc_call( + node_name, + :rabbit_auth_backend_internal, + :add_user, + [username, password, Helpers.cli_acting_user()] + ) + end + + def output({:error, :not_enough_args}, _) do + {:error, ExitCodes.exit_dataerr(), "Password is not provided via argument or stdin"} + end + def output({:error, {:user_already_exists, username}}, %{node: node_name, formatter: "json"}) do + {:error, %{"result" => "error", "node" => node_name, "message" => "User #{username} already exists"}} + end + def output({:error, {:user_already_exists, username}}, _) do + {:error, ExitCodes.exit_software(), "User \"#{username}\" already exists"} + end + def output(:ok, %{formatter: "json", node: node_name}) do + m = %{ + "status" => "ok", + "node" => node_name, + "message" => "Done. Don't forget to grant the user permissions to some virtual hosts! See 'rabbitmqctl help set_permissions' to learn more." + } + {:ok, m} + end + def output(:ok, opts) do + case output_less?(opts) do + true -> + :ok + false -> + {:ok, "Done. Don't forget to grant the user permissions to some virtual hosts! See 'rabbitmqctl help set_permissions' to learn more."} + end + end + use RabbitMQ.CLI.DefaultOutput + + def usage, do: "add_user <username> <password>" + + def usage_additional() do + [ + ["<username>", "Self-explanatory"], + ["<password>", "Password this user will authenticate with. Use a blank string to disable password-based authentication."] + ] + end + + def usage_doc_guides() do + [ + DocGuide.access_control() + ] + end + + def help_section(), do: :user_management + + def description() do + "Creates a new user in the internal database. This user will have no permissions for any virtual hosts by default." + end + + def banner([username | _], _), do: "Adding user \"#{username}\" ..." +end |