dohertj2/scadalink-design
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e84a831a026edeb540ea52c04b115bd494fd2e26
scadalink-design/src/ScadaLink.CLI/Commands/SecurityCommands.cs
Joseph Doherty 1a540f4f0a feat: add HTTP Management API, migrate CLI from Akka ClusterClient to HTTP 
Replace the CLI's Akka.NET ClusterClient transport with a simple HTTP client
targeting a new POST /management endpoint on the Central Host. The endpoint
handles Basic Auth, LDAP authentication, role resolution, and ManagementActor
dispatch in a single round-trip — eliminating the CLI's Akka, LDAP, and
Security dependencies.

Also fixes DCL ReSubscribeAll losing subscriptions on repeated reconnect by
deriving the tag list from _subscriptionsByInstance instead of _subscriptionIds.
2026-03-20 23:55:31 -04:00

173 lines
8.4 KiB
C#
Raw Blame History

using System.CommandLine;
using System.CommandLine.Parsing;
using ScadaLink.Commons.Messages.Management;
namespace ScadaLink.CLI.Commands;
public static class SecurityCommands
{
public static Command Build(Option<string> urlOption, Option<string> formatOption, Option<string> usernameOption, Option<string> passwordOption)
{
var command = new Command("security") { Description = "Manage security settings" };
command.Add(BuildApiKey(urlOption, formatOption, usernameOption, passwordOption));
command.Add(BuildRoleMapping(urlOption, formatOption, usernameOption, passwordOption));
command.Add(BuildScopeRule(urlOption, formatOption, usernameOption, passwordOption));
return command;
}
private static Command BuildApiKey(Option<string> urlOption, Option<string> formatOption, Option<string> usernameOption, Option<string> passwordOption)
{
var group = new Command("api-key") { Description = "Manage API keys" };
var listCmd = new Command("list") { Description = "List all API keys" };
listCmd.SetAction(async (ParseResult result) =>
{
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new ListApiKeysCommand());
});
group.Add(listCmd);
var nameOption = new Option<string>("--name") { Description = "API key name", Required = true };
var createCmd = new Command("create") { Description = "Create an API key" };
createCmd.Add(nameOption);
createCmd.SetAction(async (ParseResult result) =>
{
var name = result.GetValue(nameOption)!;
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new CreateApiKeyCommand(name));
});
group.Add(createCmd);
var idOption = new Option<int>("--id") { Description = "API key ID", Required = true };
var deleteCmd = new Command("delete") { Description = "Delete an API key" };
deleteCmd.Add(idOption);
deleteCmd.SetAction(async (ParseResult result) =>
{
var id = result.GetValue(idOption);
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new DeleteApiKeyCommand(id));
});
group.Add(deleteCmd);
var updateIdOption = new Option<int>("--id") { Description = "API key ID", Required = true };
var enabledOption = new Option<bool>("--enabled") { Description = "Enable or disable", Required = true };
var updateCmd = new Command("update") { Description = "Enable or disable an API key" };
updateCmd.Add(updateIdOption);
updateCmd.Add(enabledOption);
updateCmd.SetAction(async (ParseResult result) =>
{
var id = result.GetValue(updateIdOption);
var enabled = result.GetValue(enabledOption);
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new UpdateApiKeyCommand(id, enabled));
});
group.Add(updateCmd);
return group;
}
private static Command BuildRoleMapping(Option<string> urlOption, Option<string> formatOption, Option<string> usernameOption, Option<string> passwordOption)
{
var group = new Command("role-mapping") { Description = "Manage LDAP role mappings" };
var listCmd = new Command("list") { Description = "List all role mappings" };
listCmd.SetAction(async (ParseResult result) =>
{
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new ListRoleMappingsCommand());
});
group.Add(listCmd);
var ldapGroupOption = new Option<string>("--ldap-group") { Description = "LDAP group name", Required = true };
var roleOption = new Option<string>("--role") { Description = "Role name", Required = true };
var createCmd = new Command("create") { Description = "Create a role mapping" };
createCmd.Add(ldapGroupOption);
createCmd.Add(roleOption);
createCmd.SetAction(async (ParseResult result) =>
{
var ldapGroup = result.GetValue(ldapGroupOption)!;
var role = result.GetValue(roleOption)!;
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption,
new CreateRoleMappingCommand(ldapGroup, role));
});
group.Add(createCmd);
var idOption = new Option<int>("--id") { Description = "Mapping ID", Required = true };
var deleteCmd = new Command("delete") { Description = "Delete a role mapping" };
deleteCmd.Add(idOption);
deleteCmd.SetAction(async (ParseResult result) =>
{
var id = result.GetValue(idOption);
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new DeleteRoleMappingCommand(id));
});
group.Add(deleteCmd);
var updateIdOption = new Option<int>("--id") { Description = "Mapping ID", Required = true };
var updateLdapGroupOption = new Option<string>("--ldap-group") { Description = "LDAP group name", Required = true };
var updateRoleOption = new Option<string>("--role") { Description = "Role name", Required = true };
var updateCmd = new Command("update") { Description = "Update a role mapping" };
updateCmd.Add(updateIdOption);
updateCmd.Add(updateLdapGroupOption);
updateCmd.Add(updateRoleOption);
updateCmd.SetAction(async (ParseResult result) =>
{
var id = result.GetValue(updateIdOption);
var ldapGroup = result.GetValue(updateLdapGroupOption)!;
var role = result.GetValue(updateRoleOption)!;
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption,
new UpdateRoleMappingCommand(id, ldapGroup, role));
});
group.Add(updateCmd);
return group;
}
private static Command BuildScopeRule(Option<string> urlOption, Option<string> formatOption, Option<string> usernameOption, Option<string> passwordOption)
{
var group = new Command("scope-rule") { Description = "Manage LDAP scope rules" };
var mappingIdOption = new Option<int>("--mapping-id") { Description = "Role mapping ID", Required = true };
var listCmd = new Command("list") { Description = "List scope rules for a mapping" };
listCmd.Add(mappingIdOption);
listCmd.SetAction(async (ParseResult result) =>
{
var mappingId = result.GetValue(mappingIdOption);
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new ListScopeRulesCommand(mappingId));
});
group.Add(listCmd);
var addMappingIdOption = new Option<int>("--mapping-id") { Description = "Role mapping ID", Required = true };
var siteIdOption = new Option<int>("--site-id") { Description = "Site ID", Required = true };
var addCmd = new Command("add") { Description = "Add a scope rule" };
addCmd.Add(addMappingIdOption);
addCmd.Add(siteIdOption);
addCmd.SetAction(async (ParseResult result) =>
{
var mappingId = result.GetValue(addMappingIdOption);
var siteId = result.GetValue(siteIdOption);
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new AddScopeRuleCommand(mappingId, siteId));
});
group.Add(addCmd);
var deleteIdOption = new Option<int>("--id") { Description = "Scope rule ID", Required = true };
var deleteCmd = new Command("delete") { Description = "Delete a scope rule" };
deleteCmd.Add(deleteIdOption);
deleteCmd.SetAction(async (ParseResult result) =>
{
var id = result.GetValue(deleteIdOption);
return await CommandHelpers.ExecuteCommandAsync(
result, urlOption, formatOption, usernameOption, passwordOption, new DeleteScopeRuleCommand(id));
});
group.Add(deleteCmd);
return group;
}
}
Reference in New Issue View Git Blame Copy Permalink