def endpoint_create(**kwargs): """ Create a new endpoint. Requires a display name and exactly one of --personal, --server, or --shared to make a Globus Connect Personal, Globus Connect Server, or Shared endpoint respectively. """ client = get_client() # get endpoint type, ensure unambiguous. personal = kwargs.pop("personal") server = kwargs.pop("server") shared = kwargs.pop("shared") if personal and (not server) and (not shared): endpoint_type = "personal" elif server and (not personal) and (not shared): endpoint_type = "server" elif shared and (not personal) and (not server): endpoint_type = "shared" else: raise click.UsageError( "Exactly one of --personal, --server, or --shared is required.") # validate options kwargs["is_globus_connect"] = personal or None validate_endpoint_create_and_update_params(endpoint_type, False, kwargs) # shared endpoint creation if shared: endpoint_id, host_path = shared kwargs["host_endpoint"] = endpoint_id kwargs["host_path"] = host_path ep_doc = assemble_generic_doc("shared_endpoint", **kwargs) autoactivate(client, endpoint_id, if_expires_in=60) res = client.create_shared_endpoint(ep_doc) # non shared endpoint creation else: # omit `is_globus_connect` key if not GCP, otherwise include as `True` ep_doc = assemble_generic_doc("endpoint", **kwargs) res = client.create_endpoint(ep_doc) # output formatted_print( res, fields=(COMMON_FIELDS + GCP_FIELDS if personal else COMMON_FIELDS), text_format=FORMAT_TEXT_RECORD, )
def endpoint_update(**kwargs): """ Executor for `globus endpoint update` """ # validate params. Requires a get call to check the endpoint type client = get_client() endpoint_id = kwargs.pop("endpoint_id") get_res = client.get_endpoint(endpoint_id) if get_res["host_endpoint_id"]: endpoint_type = "shared" elif get_res["is_globus_connect"]: endpoint_type = "personal" elif get_res["s3_url"]: endpoint_type = "s3" else: endpoint_type = "server" validate_endpoint_create_and_update_params( endpoint_type, get_res["subscription_id"], kwargs ) # make the update ep_doc = assemble_generic_doc("endpoint", **kwargs) res = client.update_endpoint(endpoint_id, ep_doc) formatted_print(res, text_format=FORMAT_TEXT_RAW, response_key="message")
def server_update( endpoint_id, server_id, subject, port, scheme, hostname, incoming_data_ports, outgoing_data_ports, ): """ Executor for `globus endpoint server update` """ client = get_client() server_doc = assemble_generic_doc( "server", subject=subject, port=port, scheme=scheme, hostname=hostname ) # n.b. must be done after assemble_generic_doc(), as that function filters # out `None`s, which we need to be able to set for `'unspecified'` if incoming_data_ports: server_doc.update( incoming_data_port_start=incoming_data_ports[0], incoming_data_port_end=incoming_data_ports[1], ) if outgoing_data_ports: server_doc.update( outgoing_data_port_start=outgoing_data_ports[0], outgoing_data_port_end=outgoing_data_ports[1], ) res = client.update_endpoint_server(endpoint_id, server_id, server_doc) formatted_print(res, text_format=FORMAT_TEXT_RAW, response_key="message")
def server_add( endpoint_id, subject, port, scheme, hostname, incoming_data_ports, outgoing_data_ports, ): """ Executor for `globus endpoint server add` """ client = get_client() server_doc = assemble_generic_doc("server", subject=subject, port=port, scheme=scheme, hostname=hostname) # n.b. must be done after assemble_generic_doc(), as that function filters # out `None`s, which we need to be able to set for `'unspecified'` if incoming_data_ports: server_doc.update( incoming_data_port_start=incoming_data_ports[0], incoming_data_port_end=incoming_data_ports[1], ) if outgoing_data_ports: server_doc.update( outgoing_data_port_start=outgoing_data_ports[0], outgoing_data_port_end=outgoing_data_ports[1], ) res = client.add_endpoint_server(endpoint_id, server_doc) formatted_print(res, text_format=FORMAT_TEXT_RAW, response_key="message")
def role_create(role, principal, endpoint_id): """ Create a role on an endpoint. You must have sufficient privileges to modify the roles on the endpoint. Either *--group* or *--identity* is required. You may not pass both. Which one of these options you use will determine the 'Principal Type' on the role, and the value given will be the 'Principal' of the resulting role. The term "Principal" is used in the sense of "a security principal", an entity which has some privileges associated with it. """ principal_type, principal_val = principal client = get_client() if principal_type == "identity": principal_val = maybe_lookup_identity_id(principal_val) if not principal_val: raise click.UsageError( "Identity does not exist. " "Use --provision-identity to auto-provision an identity.") elif principal_type == "provision-identity": principal_val = maybe_lookup_identity_id(principal_val, provision=True) principal_type = "identity" role_doc = assemble_generic_doc("role", principal_type=principal_type, principal=principal_val, role=role) res = client.add_endpoint_role(endpoint_id, role_doc) formatted_print(res, simple_text="ID: {}".format(res["id"]))
def role_create(role, principal, endpoint_id): """ Executor for `globus endpoint role show` """ principal_type, principal_val = principal client = get_client() if principal_type == 'identity': principal_val = maybe_lookup_identity_id(principal_val) if not principal_val: raise click.UsageError( 'Identity does not exist. ' 'Use --provision-identity to auto-provision an identity.') elif principal_type == 'provision-identity': principal_val = maybe_lookup_identity_id(principal_val, provision=True) principal_type = 'identity' role_doc = assemble_generic_doc('role', principal_type=principal_type, principal=principal_val, role=role) res = client.add_endpoint_role(endpoint_id, role_doc) formatted_print(res, simple_text='ID: {}'.format(res['id']))
def endpoint_update(**kwargs): """ Executor for `globus endpoint update` """ # validate params. Requires a get call to check the endpoint type client = get_client() endpoint_id = kwargs.pop("endpoint_id") get_res = client.get_endpoint(endpoint_id) if get_res["host_endpoint_id"]: endpoint_type = "shared" elif get_res["is_globus_connect"]: endpoint_type = "personal" elif get_res["s3_url"]: endpoint_type = "s3" else: endpoint_type = "server" validate_endpoint_create_and_update_params(endpoint_type, get_res["subscription_id"], kwargs) # make the update ep_doc = assemble_generic_doc('endpoint', **kwargs) res = client.update_endpoint(endpoint_id, ep_doc) formatted_print(res, text_format=FORMAT_TEXT_RAW, response_key='message')
def role_create(role, principal, endpoint_id): """ Executor for `globus endpoint role show` """ principal_type, principal_val = principal client = get_client() if principal_type == "identity": principal_val = maybe_lookup_identity_id(principal_val) if not principal_val: raise click.UsageError( "Identity does not exist. " "Use --provision-identity to auto-provision an identity." ) elif principal_type == "provision-identity": principal_val = maybe_lookup_identity_id(principal_val, provision=True) principal_type = "identity" role_doc = assemble_generic_doc( "role", principal_type=principal_type, principal=principal_val, role=role ) res = client.add_endpoint_role(endpoint_id, role_doc) formatted_print(res, simple_text="ID: {}".format(res["id"]))
def update_command(permissions, rule_id, endpoint_id): """ Executor for `globus endpoint permission update` """ client = get_client() rule_data = assemble_generic_doc("access", permissions=permissions) res = client.update_endpoint_acl_rule(endpoint_id, rule_id, rule_data) formatted_print(res, text_format=FORMAT_TEXT_RAW, response_key="message")
def update_task(deadline, label, task_id): """ Executor for `globus task update` """ client = get_client() task_doc = assemble_generic_doc("task", label=label, deadline=deadline) res = client.update_task(task_id, task_doc) formatted_print(res, simple_text="Success")
def update_task(deadline, label, task_id): """ Update label and/or deadline on an active task. If a Task has completed, these attributes may no longer be updated. """ client = get_client() task_doc = assemble_generic_doc("task", label=label, deadline=deadline) res = client.update_task(task_id, task_doc) formatted_print(res, simple_text="Success")
def update_command(permissions, rule_id, endpoint_id): """ Update an existing access control rule's permissions. The --permissions option is required, as it is currently the only field that can be updated. """ client = get_client() rule_data = assemble_generic_doc("access", permissions=permissions) res = client.update_endpoint_acl_rule(endpoint_id, rule_id, rule_data) formatted_print(res, text_format=FORMAT_TEXT_RAW, response_key="message")
def create_command(principal, permissions, endpoint_plus_path, notify_email, notify_message): """ Create a new access control rule on the target endpoint, granting users new permissions on the given path. The target endpoint must be a shared endpoint, as only these use access control lists to manage permissions. The '--permissions' option is required, and exactly one of '--all-authenticated' '--anonymous', '--group', or '--identity' is required to know to whom permissions are being granted. """ if not principal: raise click.UsageError( "A security principal is required for this command") endpoint_id, path = endpoint_plus_path principal_type, principal_val = principal client = get_client() if principal_type == "identity": principal_val = maybe_lookup_identity_id(principal_val) if not principal_val: raise click.UsageError( "Identity does not exist. " "Use --provision-identity to auto-provision an identity.") elif principal_type == "provision-identity": principal_val = maybe_lookup_identity_id(principal_val, provision=True) principal_type = "identity" if not notify_email: notify_message = None rule_data = assemble_generic_doc( "access", permissions=permissions, principal=principal_val, principal_type=principal_type, path=path, notify_email=notify_email, notify_message=notify_message, ) res = client.add_endpoint_acl_rule(endpoint_id, rule_data) formatted_print( res, text_format=FORMAT_TEXT_RECORD, fields=[("Message", "message"), ("Rule ID", "access_id")], )
def create_command( principal, permissions, endpoint_plus_path, notify_email, notify_message ): """ Executor for `globus endpoint permission create` """ if not principal: raise click.UsageError("A security principal is required for this command") endpoint_id, path = endpoint_plus_path principal_type, principal_val = principal client = get_client() if principal_type == "identity": principal_val = maybe_lookup_identity_id(principal_val) if not principal_val: raise click.UsageError( "Identity does not exist. " "Use --provision-identity to auto-provision an identity." ) elif principal_type == "provision-identity": principal_val = maybe_lookup_identity_id(principal_val, provision=True) principal_type = "identity" if not notify_email: notify_message = None rule_data = assemble_generic_doc( "access", permissions=permissions, principal=principal_val, principal_type=principal_type, path=path, notify_email=notify_email, notify_message=notify_message, ) res = client.add_endpoint_acl_rule(endpoint_id, rule_data) formatted_print( res, text_format=FORMAT_TEXT_RECORD, fields=[("Message", "message"), ("Rule ID", "access_id")], )
def create_command(principal, permissions, endpoint_plus_path, notify_email, notify_message): """ Executor for `globus endpoint permission create` """ if not principal: raise click.UsageError( "A security principal is required for this command") endpoint_id, path = endpoint_plus_path principal_type, principal_val = principal client = get_client() if principal_type == "identity": principal_val = maybe_lookup_identity_id(principal_val) if not principal_val: raise click.UsageError( "Identity does not exist. " "Use --provision-identity to auto-provision an identity.") elif principal_type == "provision-identity": principal_val = maybe_lookup_identity_id(principal_val, provision=True) principal_type = "identity" if not notify_email: notify_message = None rule_data = assemble_generic_doc( "access", permissions=permissions, principal=principal_val, principal_type=principal_type, path=path, notify_email=notify_email, notify_message=notify_message, ) res = client.add_endpoint_acl_rule(endpoint_id, rule_data) formatted_print( res, text_format=FORMAT_TEXT_RECORD, fields=[("Message", "message"), ("Rule ID", "access_id")], )
def create_command(principal, permissions, endpoint_plus_path, notify_email, notify_message): """ Executor for `globus endpoint permission create` """ if not principal: raise click.UsageError( 'A security principal is required for this command') endpoint_id, path = endpoint_plus_path principal_type, principal_val = principal client = get_client() if principal_type == 'identity': principal_val = maybe_lookup_identity_id(principal_val) if not principal_val: raise click.UsageError( 'Identity does not exist. ' 'Use --provision-identity to auto-provision an identity.') elif principal_type == 'provision-identity': principal_val = maybe_lookup_identity_id(principal_val, provision=True) principal_type = 'identity' if not notify_email: notify_message = None rule_data = assemble_generic_doc('access', permissions=permissions, principal=principal_val, principal_type=principal_type, path=path, notify_email=notify_email, notify_message=notify_message) res = client.add_endpoint_acl_rule(endpoint_id, rule_data) formatted_print(res, text_format=FORMAT_TEXT_RECORD, fields=[('Message', 'message'), ('Rule ID', 'access_id')])