openstack_cli 0.13.5

OpenStack client rewritten in Rust
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238

// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0
//
// WARNING: This file is automatically generated from OpenAPI schema using
// `openstack-codegenerator`.

//! Create Trust command
//!
//! Wraps invoking of the `v3/OS-TRUST/trusts` with `POST` method

use clap::Args;
use eyre::{OptionExt, WrapErr};
use tracing::info;

use openstack_sdk::AsyncOpenStack;

use crate::Cli;
use crate::OpenStackCliError;
use crate::output::OutputProcessor;

use crate::common::parse_key_val;
use openstack_sdk::api::QueryAsync;
use openstack_sdk::api::identity::v3::os_trust::trust::create;
use openstack_types::identity::v3::os_trust::trust::response::create::TrustResponse;
use serde_json::Value;

/// Create a new trust.
///
/// The User creating the trust must be the trustor.
///
/// POST /v3/OS-TRUST/trusts
#[derive(Args)]
pub struct TrustCommand {
    /// Request Query parameters
    #[command(flatten)]
    query: QueryParameters,

    /// Path parameters
    #[command(flatten)]
    path: PathParameters,

    #[command(flatten)]
    trust: Trust,
}

/// Query parameters
#[derive(Args)]
struct QueryParameters {}

/// Path parameters
#[derive(Args)]
struct PathParameters {}
/// Trust Body data
#[derive(Args, Clone)]
struct Trust {
    /// If set to true then a trust between a trustor and any third-party user
    /// may be issued by the trustee just like a regular trust. If set to
    /// false, stops further redelegation. False by default.
    #[arg(action=clap::ArgAction::Set, help_heading = "Body parameters", long)]
    allow_redelegation: Option<Option<bool>>,

    /// Specifies the expiration time of the trust. A trust may be revoked
    /// ahead of expiration. If the value represents a time in the past, the
    /// trust is deactivated. In the redelegation case it must not exceed the
    /// value of the corresponding expires_at field of the redelegated trust or
    /// it may be omitted, then the expires_at value is copied from the
    /// redelegated trust.
    #[arg(help_heading = "Body parameters", long)]
    expires_at: Option<String>,

    /// Set explicit NULL for the expires_at
    #[arg(help_heading = "Body parameters", long, action = clap::ArgAction::SetTrue, conflicts_with = "expires_at")]
    no_expires_at: bool,

    /// If set to true, then the user attribute of tokens generated based on
    /// the trust will represent that of the trustor rather than the trustee,
    /// thus allowing the trustee to impersonate the trustor. If impersonation
    /// if set to false, then the token's user attribute will represent that of
    /// the trustee.
    #[arg(action=clap::ArgAction::Set, help_heading = "Body parameters", long)]
    impersonation: bool,

    /// Identifies the project upon which the trustor is delegating
    /// authorization.
    #[arg(help_heading = "Body parameters", long)]
    project_id: Option<String>,

    /// Set explicit NULL for the project_id
    #[arg(help_heading = "Body parameters", long, action = clap::ArgAction::SetTrue, conflicts_with = "project_id")]
    no_project_id: bool,

    /// Returned with redelegated trust provides information about the
    /// predecessor in the trust chain.
    #[arg(help_heading = "Body parameters", long)]
    redelegated_trust_id: Option<String>,

    /// Set explicit NULL for the redelegated_trust_id
    #[arg(help_heading = "Body parameters", long, action = clap::ArgAction::SetTrue, conflicts_with = "redelegated_trust_id")]
    no_redelegated_trust_id: bool,

    /// Specifies the maximum remaining depth of the redelegated trust chain.
    /// Each subsequent trust has this field decremented by 1 automatically.
    /// The initial trustor issuing new trust that can be redelegated, must set
    /// allow_redelegation to true and may set redelegation_count to an integer
    /// value less than or equal to max_redelegation_count configuration
    /// parameter in order to limit the possible length of derived trust
    /// chains. The trust issued by the trustor using a project-scoped token
    /// (not redelegating), in which allow_redelegation is set to true (the new
    /// trust is redelegatable), will be populated with the value specified in
    /// the max_redelegation_count configuration parameter if
    /// redelegation_count is not set or set to null. If allow_redelegation is
    /// set to false then redelegation_count will be set to 0 in the trust. If
    /// the trust is being issued by the trustee of a redelegatable
    /// trust-scoped token (redelegation case) then redelegation_count should
    /// not be set, as it will automatically be set to the value in the
    /// redelegatable trust-scoped token decremented by 1. Note, if the
    /// resulting value is 0, this means that the new trust will not be
    /// redelegatable, regardless of the value of allow_redelegation.
    #[arg(help_heading = "Body parameters", long)]
    redelegation_count: Option<Option<u32>>,

    /// Specifies how many times the trust can be used to obtain a token. This
    /// value is decreased each time a token is issued through the trust. Once
    /// it reaches 0, no further tokens will be issued through the trust. The
    /// default value is null, meaning there is no limit on the number of
    /// tokens issued through the trust. If redelegation is enabled it must not
    /// be set.
    #[arg(help_heading = "Body parameters", long)]
    remaining_uses: Option<Option<i32>>,

    /// Parameter is an array, may be provided multiple times.
    #[arg(action=clap::ArgAction::Append, help_heading = "Body parameters", long, value_name="JSON", value_parser=crate::common::parse_json)]
    roles: Option<Vec<Value>>,

    /// Represents the user who is capable of consuming the trust.
    #[arg(help_heading = "Body parameters", long)]
    trustee_user_id: String,

    /// Represents the user who created the trust, and who's authorization is
    /// being delegated.
    #[arg(help_heading = "Body parameters", long)]
    trustor_user_id: String,
}

impl TrustCommand {
    /// Perform command action
    pub async fn take_action(
        &self,
        parsed_args: &Cli,
        client: &mut AsyncOpenStack,
    ) -> Result<(), OpenStackCliError> {
        info!("Create Trust");

        let op = OutputProcessor::from_args(
            parsed_args,
            Some("identity.OS_TRUST/trust"),
            Some("create"),
        );
        op.validate_args(parsed_args)?;

        let mut ep_builder = create::Request::builder();

        // Set body parameters
        // Set Request.trust data
        let args = &self.trust;
        let mut trust_builder = create::TrustBuilder::default();
        if let Some(val) = &args.allow_redelegation {
            trust_builder.allow_redelegation(*val);
        }

        if let Some(val) = &args.expires_at {
            trust_builder.expires_at(Some(val.into()));
        } else if args.no_expires_at {
            trust_builder.expires_at(None);
        }

        trust_builder.impersonation(args.impersonation);

        if let Some(val) = &args.project_id {
            trust_builder.project_id(Some(val.into()));
        } else if args.no_project_id {
            trust_builder.project_id(None);
        }

        if let Some(val) = &args.redelegated_trust_id {
            trust_builder.redelegated_trust_id(Some(val.into()));
        } else if args.no_redelegated_trust_id {
            trust_builder.redelegated_trust_id(None);
        }

        if let Some(val) = &args.redelegation_count {
            trust_builder.redelegation_count(*val);
        }

        if let Some(val) = &args.remaining_uses {
            trust_builder.remaining_uses(*val);
        }

        if let Some(val) = &args.roles {
            let roles_builder: Vec<create::Roles> = val
                .iter()
                .flat_map(|v| serde_json::from_value::<create::Roles>(v.to_owned()))
                .collect::<Vec<create::Roles>>();
            trust_builder.roles(roles_builder);
        }

        trust_builder.trustee_user_id(&args.trustee_user_id);

        trust_builder.trustor_user_id(&args.trustor_user_id);

        ep_builder.trust(
            trust_builder
                .build()
                .wrap_err("error preparing the request data")?,
        );

        let ep = ep_builder
            .build()
            .map_err(|x| OpenStackCliError::EndpointBuild(x.to_string()))?;

        let data = ep.query_async(client).await?;
        op.output_single::<TrustResponse>(data)?;
        // Show command specific hints
        op.show_command_hint()?;
        Ok(())
    }
}