mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(kanidm): don't allow empty string fields on CLI (#3018)

Browse source
This commit is contained in:
James Hodgkinson 2024-09-04 15:29:26 +10:00 committed by GitHub
parent 3b990829d6
commit db26979a98
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 41 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
tools/cli/src/opt/kanidm.rs
View file

@ -1,4 +1,4 @@
use clap::{Args, Subcommand, ValueEnum, builder::PossibleValue}; use clap::{builder::PossibleValue, Args, Subcommand, ValueEnum};
use std::fmt; use std::fmt;
#[derive(Debug, Args)] #[derive(Debug, Args)]
@ -58,13 +58,20 @@ pub struct CommonOpt {
#[clap(short, long, env = "KANIDM_DEBUG")] #[clap(short, long, env = "KANIDM_DEBUG")]
pub debug: bool, pub debug: bool,
/// Select the instance name you wish to connect to /// Select the instance name you wish to connect to
#[clap(short='I', long="instance", env = "KANIDM_INSTANCE")] #[clap(short = 'I', long = "instance", env = "KANIDM_INSTANCE",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
pub instance: Option<String>, pub instance: Option<String>,
/// The URL of the kanidm instance /// The URL of the kanidm instance
#[clap(short = 'H', long = "url", env = "KANIDM_URL")] #[clap(short = 'H', long = "url", env = "KANIDM_URL",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
pub addr: Option<String>, pub addr: Option<String>,
/// User which will initiate requests /// User which will initiate requests
#[clap(short = 'D', long = "name", env = "KANIDM_NAME")] #[clap(
short = 'D',
long = "name",
env = "KANIDM_NAME",
value_parser = clap::builder::NonEmptyStringValueParser::new()
)]
pub username: Option<String>, pub username: Option<String>,
/// Path to a CA certificate file /// Path to a CA certificate file
#[clap(value_parser, short = 'C', long = "ca", env = "KANIDM_CA_PATH")] #[clap(value_parser, short = 'C', long = "ca", env = "KANIDM_CA_PATH")]
@ -80,7 +87,8 @@ pub struct CommonOpt {
)] )]
skip_hostname_verification: bool, skip_hostname_verification: bool,
/// Path to a file to cache tokens in, defaults to ~/.cache/kanidm_tokens /// Path to a file to cache tokens in, defaults to ~/.cache/kanidm_tokens
#[clap(short, long, env = "KANIDM_TOKEN_CACHE_PATH", hide = true, default_value = None)] #[clap(short, long, env = "KANIDM_TOKEN_CACHE_PATH", hide = true, default_value = None,
value_parser = clap::builder::NonEmptyStringValueParser::new())]
token_cache_path: Option<String>, token_cache_path: Option<String>,
} }
@ -250,6 +258,7 @@ pub enum GroupOpt {
/// The name of the group /// The name of the group
name: String, name: String,
/// Optional name/spn of a group that have entry manager rights over this group. /// Optional name/spn of a group that have entry manager rights over this group.
#[clap(value_parser = clap::builder::NonEmptyStringValueParser::new())]
entry_managed_by: Option<String>, entry_managed_by: Option<String>,
#[clap(flatten)] #[clap(flatten)]
copt: CommonOpt, copt: CommonOpt,
@ -321,7 +330,7 @@ pub enum GroupOpt {
pub enum GraphType { pub enum GraphType {
Graphviz, Graphviz,
Mermaid, Mermaid,
MermaidElk MermaidElk,
} }
#[derive(Clone, Copy, PartialEq, Eq, Hash, Debug, ValueEnum)] #[derive(Clone, Copy, PartialEq, Eq, Hash, Debug, ValueEnum)]
@ -329,7 +338,7 @@ pub enum ObjectType {
Group, Group,
BuiltinGroup, BuiltinGroup,
ServiceAccount, ServiceAccount,
Person Person,
} }
#[derive(Debug, Args)] #[derive(Debug, Args)]
@ -468,7 +477,8 @@ pub struct AccountPosixOpt {
aopts: AccountCommonOpt, aopts: AccountCommonOpt,
#[clap(long)] #[clap(long)]
gidnumber: Option<u32>, gidnumber: Option<u32>,
#[clap(long)] #[clap(long, value_parser = clap::builder::NonEmptyStringValueParser::new())]
/// Set the user's login shell
shell: Option<String>, shell: Option<String>,
#[clap(flatten)] #[clap(flatten)]
copt: CommonOpt, copt: CommonOpt,
@ -510,11 +520,14 @@ pub enum ServiceAccountPosix {
pub struct PersonUpdateOpt { pub struct PersonUpdateOpt {
#[clap(flatten)] #[clap(flatten)]
aopts: AccountCommonOpt, aopts: AccountCommonOpt,
#[clap(long, short, help = "Set the legal name for the person.")] #[clap(long, short, help = "Set the legal name for the person.",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
legalname: Option<String>, legalname: Option<String>,
#[clap(long, short, help = "Set the account name for the person.")] #[clap(long, short, help = "Set the account name for the person.",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
newname: Option<String>, newname: Option<String>,
#[clap(long, short = 'i', help = "Set the display name for the person.")] #[clap(long, short = 'i', help = "Set the display name for the person.",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
displayname: Option<String>, displayname: Option<String>,
#[clap( #[clap(
long, long,
@ -564,7 +577,6 @@ pub enum AccountCertificate {
#[clap(flatten)] #[clap(flatten)]
copt: CommonOpt, copt: CommonOpt,
}, },
} }
#[derive(Debug, Subcommand)] #[derive(Debug, Subcommand)]
@ -650,7 +662,7 @@ pub enum PersonOpt {
Certificate { Certificate {
#[clap(subcommand)] #[clap(subcommand)]
commands: AccountCertificate, commands: AccountCertificate,
} },
} }
#[derive(Debug, Subcommand)] #[derive(Debug, Subcommand)]
@ -683,6 +695,7 @@ pub enum ServiceAccountApiToken {
#[clap(name = "expiry")] #[clap(name = "expiry")]
/// An optional rfc3339 time of the format "YYYY-MM-DDTHH:MM:SS+TZ", "2020-09-25T11:22:02+10:00". /// An optional rfc3339 time of the format "YYYY-MM-DDTHH:MM:SS+TZ", "2020-09-25T11:22:02+10:00".
/// After this time the api token will no longer be valid. /// After this time the api token will no longer be valid.
#[clap(value_parser = clap::builder::NonEmptyStringValueParser::new())]
expiry: Option<String>, expiry: Option<String>,
#[clap(long = "rw")] #[clap(long = "rw")]
read_write: bool, read_write: bool,
@ -705,18 +718,21 @@ pub enum ServiceAccountApiToken {
pub struct ServiceAccountUpdateOpt { pub struct ServiceAccountUpdateOpt {
#[clap(flatten)] #[clap(flatten)]
aopts: AccountCommonOpt, aopts: AccountCommonOpt,
#[clap(long, short, help = "Set the account name for the service account.")] #[clap(long, short, help = "Set the account name for the service account.",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
newname: Option<String>, newname: Option<String>,
#[clap( #[clap(
long, long,
short = 'i', short = 'i',
help = "Set the display name for the service account." help = "Set the display name for the service account.",
value_parser = clap::builder::NonEmptyStringValueParser::new()
)] )]
displayname: Option<String>, displayname: Option<String>,
#[clap( #[clap(
long, long,
short = 'e', short = 'e',
help = "Set the entry manager for the service account." help = "Set the entry manager for the service account.",
value_parser = clap::builder::NonEmptyStringValueParser::new()
)] )]
entry_managed_by: Option<String>, entry_managed_by: Option<String>,
#[clap( #[clap(
@ -815,7 +831,8 @@ pub enum RecycleOpt {
pub struct LoginOpt { pub struct LoginOpt {
#[clap(flatten)] #[clap(flatten)]
copt: CommonOpt, copt: CommonOpt,
#[clap(short, long, env = "KANIDM_PASSWORD", hide = true)] #[clap(short, long, env = "KANIDM_PASSWORD", hide = true,
value_parser = clap::builder::NonEmptyStringValueParser::new())]
/// Supply a password to the login option /// Supply a password to the login option
password: Option<String>, password: Option<String>,
} }
@ -957,7 +974,6 @@ impl ValueEnum for Oauth2ClaimMapJoin {
} }
} }
#[derive(Debug, Subcommand)] #[derive(Debug, Subcommand)]
pub enum Oauth2Opt { pub enum Oauth2Opt {
#[clap(name = "list")] #[clap(name = "list")]
@ -1074,17 +1090,18 @@ pub enum Oauth2Opt {
url: Url, url: Url,
}, },
/// The image presented on the Kanidm Apps Listing page for an oauth2 resource server. /// The image presented on the Kanidm Apps Listing page for an oauth2 resource server.
#[clap(name="set-image")] #[clap(name = "set-image")]
SetImage { SetImage {
#[clap(flatten)] #[clap(flatten)]
nopt: Named, nopt: Named,
#[clap(name = "file-path")] #[clap(name = "file-path")]
path: PathBuf, path: PathBuf,
#[clap(name = "image-type")] #[clap(name = "image-type",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
image_type: Option<String>, image_type: Option<String>,
}, },
/// Removes the custom image previously set. /// Removes the custom image previously set.
#[clap(name="remove-image")] #[clap(name = "remove-image")]
RemoveImage(Named), RemoveImage(Named),
/// Add a supplemental URL as a redirection target. For example a phone app /// Add a supplemental URL as a redirection target. For example a phone app
@ -1256,7 +1273,7 @@ pub enum DomainOpt {
#[clap(flatten)] #[clap(flatten)]
copt: CommonOpt, copt: CommonOpt,
key_id: String, key_id: String,
} },
} }
#[derive(Debug, Subcommand)] #[derive(Debug, Subcommand)]
@ -1285,7 +1302,8 @@ pub enum SynchOpt {
account_id: String, account_id: String,
#[clap(flatten)] #[clap(flatten)]
copt: CommonOpt, copt: CommonOpt,
#[clap(name = "description")] #[clap(name = "description",
value_parser = clap::builder::NonEmptyStringValueParser::new())]
description: Option<String>, description: Option<String>,
}, },
/// Generate a bearer token for an IDM sync account /// Generate a bearer token for an IDM sync account
@ -1509,4 +1527,3 @@ pub struct KanidmClientParser {
#[clap(subcommand)] #[clap(subcommand)]
pub commands: KanidmClientOpt, pub commands: KanidmClientOpt,
} }