Merge remote-tracking branch 'origin/main' into feat/dhernando/output-table-pattern-in-list-cmds

Author: Davidonium

internal/cmd/completion/iam.go

@@ -0,0 +1,99 @@
+package completion
+
+import (
+	"github.com/spf13/cobra"
+
+	iamv1 "github.com/qdrant/qdrant-cloud-public-api/gen/go/qdrant/cloud/iam/v1"
+
+	"github.com/qdrant/qcloud-cli/internal/state"
+)
+
+// RoleCompletion returns a completion function that completes IAM role names
+// with their ID as description.
+func RoleCompletion(s *state.State) func(*cobra.Command, []string, string) ([]string, cobra.ShellCompDirective) {
+	return func(cmd *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
+		ctx := cmd.Context()
+		client, err := s.Client(ctx)
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		accountID, err := s.AccountID()
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		resp, err := client.IAM().ListRoles(ctx, &iamv1.ListRolesRequest{AccountId: accountID})
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		completions := make([]string, 0, len(resp.GetItems()))
+		for _, r := range resp.GetItems() {
+			completions = append(completions, r.GetName()+"\t"+r.GetId())
+		}
+		return completions, cobra.ShellCompDirectiveNoFileComp
+	}
+}
+
+// RoleIDCompletion returns a ValidArgsFunction that completes role IDs.
+func RoleIDCompletion(s *state.State) func(*cobra.Command, []string, string) ([]string, cobra.ShellCompDirective) {
+	return func(cmd *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) {
+		if len(args) > 0 {
+			return nil, cobra.ShellCompDirectiveNoFileComp
+		}
+
+		ctx := cmd.Context()
+		client, err := s.Client(ctx)
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		accountID, err := s.AccountID()
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		resp, err := client.IAM().ListRoles(ctx, &iamv1.ListRolesRequest{
+			AccountId: accountID,
+		})
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		completions := make([]string, 0, len(resp.GetItems()))
+		for _, r := range resp.GetItems() {
+			completions = append(completions, r.GetId()+"\t"+r.GetName())
+		}
+		return completions, cobra.ShellCompDirectiveNoFileComp
+	}
+}
+
+// PermissionCompletion returns a completion function for the --permission flag.
+func PermissionCompletion(s *state.State) func(*cobra.Command, []string, string) ([]string, cobra.ShellCompDirective) {
+	return func(cmd *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) {
+		ctx := cmd.Context()
+		client, err := s.Client(ctx)
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		accountID, err := s.AccountID()
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		resp, err := client.IAM().ListPermissions(ctx, &iamv1.ListPermissionsRequest{
+			AccountId: accountID,
+		})
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		completions := make([]string, 0, len(resp.GetPermissions()))
+		for _, p := range resp.GetPermissions() {
+			completions = append(completions, p.GetValue()+"\t"+p.GetCategory())
+		}
+		return completions, cobra.ShellCompDirectiveNoFileComp
+	}
+}

internal/cmd/iam/completion.go

@@ -0,0 +1,39 @@
+package iam
+
+import (
+	"github.com/spf13/cobra"
+
+	iamv1 "github.com/qdrant/qdrant-cloud-public-api/gen/go/qdrant/cloud/iam/v1"
+
+	"github.com/qdrant/qcloud-cli/internal/state"
+)
+
+// userCompletion returns a ValidArgsFunction that completes user IDs with
+// their email as description. It only completes the first positional argument.
+func userCompletion(s *state.State) func(*cobra.Command, []string, string) ([]string, cobra.ShellCompDirective) {
+	return func(cmd *cobra.Command, args []string, _ string) ([]string, cobra.ShellCompDirective) {
+		if len(args) > 0 {
+			return nil, cobra.ShellCompDirectiveNoFileComp
+		}
+		ctx := cmd.Context()
+		client, err := s.Client(ctx)
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+		accountID, err := s.AccountID()
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		resp, err := client.IAM().ListUsers(ctx, &iamv1.ListUsersRequest{AccountId: accountID})
+		if err != nil {
+			return nil, cobra.ShellCompDirectiveError
+		}
+
+		completions := make([]string, 0, len(resp.GetItems()))
+		for _, u := range resp.GetItems() {
+			completions = append(completions, u.GetId()+"\t"+u.GetEmail())
+		}
+		return completions, cobra.ShellCompDirectiveNoFileComp
+	}
+}

internal/cmd/iam/completion_test.go

@@ -0,0 +1,143 @@
+package iam_test
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	iamv1 "github.com/qdrant/qdrant-cloud-public-api/gen/go/qdrant/cloud/iam/v1"
+
+	"github.com/qdrant/qcloud-cli/internal/testutil"
+)
+
+func TestUserCompletion(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+
+	env.IAMServer.ListUsersCalls.Returns(&iamv1.ListUsersResponse{
+		Items: []*iamv1.User{
+			{Id: "user-uuid-1", Email: "alice@example.com"},
+			{Id: "user-uuid-2", Email: "bob@example.com"},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "user", "describe", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "user-uuid-1")
+	assert.Contains(t, stdout, "alice@example.com")
+	assert.Contains(t, stdout, "user-uuid-2")
+	assert.Contains(t, stdout, "bob@example.com")
+}
+
+func TestUserCompletion_StopsAfterFirstArg(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "user", "describe", "user-uuid-1", "")
+	require.NoError(t, err)
+	assert.NotContains(t, stdout, "user-uuid")
+}
+
+func TestUserThenRoleCompletion_FirstArg(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+
+	env.IAMServer.ListUsersCalls.Returns(&iamv1.ListUsersResponse{
+		Items: []*iamv1.User{
+			{Id: "user-uuid-1", Email: "alice@example.com"},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "user", "assign-role", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "user-uuid-1")
+	assert.Contains(t, stdout, "alice@example.com")
+}
+
+func TestRoleIDCompletion_Describe(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+	env.IAMServer.ListRolesCalls.Returns(&iamv1.ListRolesResponse{
+		Items: []*iamv1.Role{
+			{Id: "role-uuid-1", Name: "Admin"},
+			{Id: "role-uuid-2", Name: "Viewer"},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "role", "describe", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "role-uuid-1")
+	assert.Contains(t, stdout, "Admin")
+	assert.Contains(t, stdout, "role-uuid-2")
+	assert.Contains(t, stdout, "Viewer")
+}
+
+func TestRoleIDCompletion_Delete(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+	env.IAMServer.ListRolesCalls.Returns(&iamv1.ListRolesResponse{
+		Items: []*iamv1.Role{
+			{Id: "role-uuid-1", Name: "Admin"},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "role", "delete", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "role-uuid-1")
+	assert.Contains(t, stdout, "Admin")
+}
+
+func TestRoleIDCompletion_AssignPermission(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+	env.IAMServer.ListRolesCalls.Returns(&iamv1.ListRolesResponse{
+		Items: []*iamv1.Role{
+			{Id: "role-uuid-1", Name: "Custom Role"},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "role", "assign-permission", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "role-uuid-1")
+	assert.Contains(t, stdout, "Custom Role")
+}
+
+func TestPermissionCompletion_Create(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+	env.IAMServer.ListPermissionsCalls.Returns(&iamv1.ListPermissionsResponse{
+		Permissions: []*iamv1.Permission{
+			{Value: "read:clusters", Category: new("Cluster")},
+			{Value: "write:backups", Category: new("Backup")},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "role", "create", "--name", "test", "--permission", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "read:clusters")
+	assert.Contains(t, stdout, "Cluster")
+	assert.Contains(t, stdout, "write:backups")
+	assert.Contains(t, stdout, "Backup")
+}
+
+func TestPermissionCompletion_AssignPermission(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+	env.IAMServer.ListPermissionsCalls.Returns(&iamv1.ListPermissionsResponse{
+		Permissions: []*iamv1.Permission{
+			{Value: "read:clusters", Category: new("Cluster")},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "role", "assign-permission", "some-role-id", "--permission", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "read:clusters")
+	assert.Contains(t, stdout, "Cluster")
+}
+
+func TestPermissionCompletion_RemovePermission(t *testing.T) {
+	env := testutil.NewTestEnv(t)
+	env.IAMServer.ListPermissionsCalls.Returns(&iamv1.ListPermissionsResponse{
+		Permissions: []*iamv1.Permission{
+			{Value: "write:backups", Category: new("Backup")},
+		},
+	}, nil)
+
+	stdout, _, err := testutil.Exec(t, env, "__complete", "iam", "role", "remove-permission", "some-role-id", "--permission", "")
+	require.NoError(t, err)
+	assert.Contains(t, stdout, "write:backups")
+	assert.Contains(t, stdout, "Backup")
+}

internal/cmd/iam/iam.go

@@ -14,6 +14,11 @@ func NewCommand(s *state.State) *cobra.Command {
 		Long:  `Manage IAM resources for the Qdrant Cloud account.`,
 		Args:  cobra.NoArgs,
 	}
-	cmd.AddCommand(newKeyCommand(s))
+	cmd.AddCommand(
+		newKeyCommand(s),
+		newUserCommand(s),
+		newRoleCommand(s),
+		newPermissionCommand(s),
+	)
 	return cmd
 }

internal/cmd/iam/iam_test.go

@@ -0,0 +1,7 @@
+package iam_test
+
+// Shared test constants used across iam subcommand test files.
+const (
+	testUserID = "7b2ea926-724b-4de2-b73a-8675c42a6ebe"
+	testRoleID = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
+)

internal/cmd/iam/permission.go

@@ -0,0 +1,21 @@
+package iam
+
+import (
+	"github.com/spf13/cobra"
+
+	"github.com/qdrant/qcloud-cli/internal/state"
+)
+
+func newPermissionCommand(s *state.State) *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "permission",
+		Short: "Manage permissions in Qdrant Cloud",
+		Long: `Manage permissions for the Qdrant Cloud account.
+
+Permissions represent individual access rights that can be assigned to roles.
+Use these commands to discover which permissions are available in the system.`,
+		Args: cobra.NoArgs,
+	}
+	cmd.AddCommand(newPermissionListCommand(s))
+	return cmd
+}

internal/cmd/iam/permission_list.go

@@ -0,0 +1,57 @@
+package iam
+
+import (
+	"io"
+
+	"github.com/spf13/cobra"
+
+	iamv1 "github.com/qdrant/qdrant-cloud-public-api/gen/go/qdrant/cloud/iam/v1"
+
+	"github.com/qdrant/qcloud-cli/internal/cmd/base"
+	"github.com/qdrant/qcloud-cli/internal/cmd/output"
+	"github.com/qdrant/qcloud-cli/internal/state"
+)
+
+func newPermissionListCommand(s *state.State) *cobra.Command {
+	return base.ListCmd[*iamv1.ListPermissionsResponse]{
+		Use:   "list",
+		Short: "List all available permissions",
+		Long: `List all permissions known in the system for the account.
+
+Permissions are the individual access rights that can be assigned to roles.
+Each permission has a value (e.g. "read:clusters") and a category
+(e.g. "Cluster").`,
+		Example: `# List all available permissions
+qcloud iam permission list
+
+# Output as JSON
+qcloud iam permission list --json`,
+		Fetch: func(s *state.State, cmd *cobra.Command) (*iamv1.ListPermissionsResponse, error) {
+			ctx := cmd.Context()
+			client, err := s.Client(ctx)
+			if err != nil {
+				return nil, err
+			}
+
+			accountID, err := s.AccountID()
+			if err != nil {
+				return nil, err
+			}
+
+			return client.IAM().ListPermissions(ctx, &iamv1.ListPermissionsRequest{
+				AccountId: accountID,
+			})
+		},
+		PrintText: func(_ *cobra.Command, w io.Writer, resp *iamv1.ListPermissionsResponse) error {
+			t := output.NewTable[*iamv1.Permission](w)
+			t.AddField("PERMISSION", func(v *iamv1.Permission) string {
+				return v.GetValue()
+			})
+			t.AddField("CATEGORY", func(v *iamv1.Permission) string {
+				return v.GetCategory()
+			})
+			t.Write(resp.GetPermissions())
+			return nil
+		},
+	}.CobraCommand(s)
+}