1// Copyright 2016 The etcd Authors 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15package command 16 17import ( 18 "fmt" 19 20 "github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes" 21 "github.com/spf13/cobra" 22) 23 24// NewAuthCommand returns the cobra command for "auth". 25func NewAuthCommand() *cobra.Command { 26 ac := &cobra.Command{ 27 Use: "auth <enable or disable>", 28 Short: "Enable or disable authentication", 29 } 30 31 ac.AddCommand(newAuthEnableCommand()) 32 ac.AddCommand(newAuthDisableCommand()) 33 34 return ac 35} 36 37func newAuthEnableCommand() *cobra.Command { 38 return &cobra.Command{ 39 Use: "enable", 40 Short: "Enables authentication", 41 Run: authEnableCommandFunc, 42 } 43} 44 45// authEnableCommandFunc executes the "auth enable" command. 46func authEnableCommandFunc(cmd *cobra.Command, args []string) { 47 if len(args) != 0 { 48 ExitWithError(ExitBadArgs, fmt.Errorf("auth enable command does not accept any arguments.")) 49 } 50 51 ctx, cancel := commandCtx(cmd) 52 cli := mustClientFromCmd(cmd) 53 var err error 54 for err == nil { 55 if _, err = cli.AuthEnable(ctx); err == nil { 56 break 57 } 58 if err == rpctypes.ErrRootRoleNotExist { 59 if _, err = cli.RoleAdd(ctx, "root"); err != nil { 60 break 61 } 62 if _, err = cli.UserGrantRole(ctx, "root", "root"); err != nil { 63 break 64 } 65 } 66 } 67 cancel() 68 if err != nil { 69 ExitWithError(ExitError, err) 70 } 71 72 fmt.Println("Authentication Enabled") 73} 74 75func newAuthDisableCommand() *cobra.Command { 76 return &cobra.Command{ 77 Use: "disable", 78 Short: "Disables authentication", 79 Run: authDisableCommandFunc, 80 } 81} 82 83// authDisableCommandFunc executes the "auth disable" command. 84func authDisableCommandFunc(cmd *cobra.Command, args []string) { 85 if len(args) != 0 { 86 ExitWithError(ExitBadArgs, fmt.Errorf("auth disable command does not accept any arguments.")) 87 } 88 89 ctx, cancel := commandCtx(cmd) 90 _, err := mustClientFromCmd(cmd).Auth.AuthDisable(ctx) 91 cancel() 92 if err != nil { 93 ExitWithError(ExitError, err) 94 } 95 96 fmt.Println("Authentication Disabled") 97} 98