forked from sassoftware/pyviyatools
-
Notifications
You must be signed in to change notification settings - Fork 0
/
getruleid.py
executable file
·89 lines (74 loc) · 3.19 KB
/
getruleid.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# getruleid.py
# December 2017
#
# getruleid pass in a uri and identity and return the rule id
# for example
# getruleid.py -u /SASVisualAnalytics/** -p "authenticatedUsers"
# or
# getruleid.py -c /folders/folders/dba5473d-afb4-44d4-866a-9671ed5878c2 -p "authenticatedusers"
#
# Change History
#
# 27JAN2017 Comments added
# 18JUN2018 Output JSON
# 20Feb2020 make identity a required parameter
# 14Jul2021 Support getting rules that target container URIs
#
# Copyright © 2018-2021, SAS Institute Inc., Cary, NC, USA. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the License);
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
import argparse
import sys
from sharedfunctions import callrestapi, printresult
debug=False
# Define exception handler so that we only output trace info from errors when in debug mode
def exception_handler(exception_type, exception, traceback, debug_hook=sys.excepthook):
if debug:
debug_hook(exception_type, exception, traceback)
else:
print (exception_type.__name__, exception)
sys.excepthook = exception_handler
# setup command-line arguements
parser = argparse.ArgumentParser()
parser.add_argument("-u","--objecturi", help="objectURI. You must specify either -u objectURI or -c containerURI.")
parser.add_argument("-c","--containeruri", help="containerURI. You must specify either -u objectURI or -c containerURI.")
parser.add_argument("-p","--principal", help="Enter the identity name or authenticatedUsers, everyone or guest",required='True')
parser.add_argument("-o","--output", help="Output Style", choices=['csv','json','simple','simplejson'],default='json')
args = parser.parse_args()
objuri=args.objecturi
conturi=args.containeruri
ident=args.principal
output_style=args.output
if objuri and conturi:
raise Exception('You must specify either -u objectURI or -c containerURI, but not both.')
if objuri is None and conturi is None:
raise Exception('You must specify either -u objectURI or -c containerURI. You may not specify both.')
if ident.lower()=='authenticatedusers': ident='authenticatedUsers'
if ident=='guest' or ident=='everyone' or ident=='authenticatedUsers':
if objuri:
reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(objectUri,'"+objuri+"'))"
else:
reqval= "/authorization/rules?filter=and(eq(principalType,'"+ident+"'),eq(containerUri,'"+conturi+"'))"
else:
if objuri:
reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(objectUri,'"+objuri+"'))"
else:
reqval= "/authorization/rules?filter=and(eq(principal,'"+ident+"'),eq(containerUri,'"+conturi+"'))"
reqtype='get'
result=callrestapi(reqval,reqtype)
# print rest call results
printresult(result,output_style)