Refactor reporting into a separate module and script

Move all reporting from Wallet::Admin to Wallet::Report and simplify
the method names since they're now part of a dedicated reporting
class.  Similarly, create a new wallet-report script to wrap
Wallet::Report, moving all reporting commands to it from wallet-admin,
and simplify the commands since they're for a dedicated reporting
script.

Remove the contrib script wallet-report to wallet-summary so that it
doesn't conflict with the new reporting backend script.

1 files changed, 203 insertions, 0 deletions

diff --git a/server/wallet-report b/server/wallet-report
new file mode 100755
index 0000000..a6b3b8d
--- /dev/null
+++ b/server/wallet-report
@@ -0,0 +1,203 @@
+#!/usr/bin/perl -w
+#
+# wallet-report -- Wallet server reporting interface.
+#
+# Written by Russ Allbery <rra@stanford.edu>
+# Copyright 2008, 2009, 2010 Board of Trustees, Leland Stanford Jr. University
+#
+# See LICENSE for licensing terms.
+
+##############################################################################
+# Declarations and site configuration
+##############################################################################
+
+use strict;
+use Wallet::Report;
+
+##############################################################################
+# Implementation
+##############################################################################
+
+# Parse and execute a command.  We wrap this in a subroutine call for easier
+# testing.
+sub command {
+    die "Usage: wallet-report <command> [<args> ...]\n" unless @_;
+    my $report = Wallet::Report->new;
+
+    # Parse command-line options and dispatch to the appropriate calls.
+    my ($command, @args) = @_;
+    if ($command eq 'acls') {
+        die "too many arguments to acls\n" if @args > 3;
+        my @acls = $report->acls (@args);
+        if (!@acls and $report->error) {
+            die $report->error, "\n";
+        }
+        for my $acl (sort { $$a[1] cmp $$b[1] } @acls) {
+            print "$$acl[1] (ACL ID: $$acl[0])\n";
+        }
+    } elsif ($command eq 'objects') {
+        die "too many arguments to objects\n" if @args > 2;
+        my @objects = $report->objects (@args);
+        if (!@objects and $report->error) {
+            die $report->error, "\n";
+        }
+        for my $object (@objects) {
+            print join (' ', @$object), "\n";
+        }
+    } elsif ($command eq 'owners') {
+        die "too many arguments to owners\n" if @args > 2;
+        die "too few arguments to owners\n" if @args < 2;
+        my @entries = $report->owners (@args);
+        if (!@entries and $report->error) {
+            die $report->error, "\n";
+        }
+        for my $entry (@entries) {
+            print join (' ', @$entry), "\n";
+        }
+    } else {
+        die "unknown command $command\n";
+    }
+}
+command (@ARGV);
+__END__
+
+##############################################################################
+# Documentation
+##############################################################################
+
+=head1 NAME
+
+wallet-report - Wallet server reporting interface
+
+=for stopwords
+metadata ACL hostname backend acl acls wildcard SQL Allbery remctl
+
+=head1 SYNOPSIS
+
+B<wallet-report> I<type> [I<args> ...]
+
+=head1 DESCRIPTION
+
+B<wallet-report> provides a command-line interface for running reports on
+the wallet database.  It is intended to be run on the wallet server as a
+user with access to the wallet database and configuration, but can also be
+made available via remctl to users who should have reporting privileges.
+
+This program is a fairly thin wrapper around Wallet::Report that
+translates command strings into method calls and returns the results.
+
+=head1 OPTIONS
+
+B<wallet-report> takes no traditional options.
+
+=head1 COMMANDS
+
+=over 4
+
+=item acls
+
+=item acls empty
+
+=item acls entry <scheme> <identifier>
+
+Returns a list of ACLs in the database.  ACLs will be listed in the form:
+
+    <name> (ACL ID: <id>)
+
+where <name> is the human-readable name and <id> is the numeric ID.  The
+numeric ID is what's used internally by the wallet system.  There will be
+one line per ACL.
+
+If no search type is given, all the ACLs in the database will be returned.
+If a search type (and possible search arguments) are given, then the ACLs
+will be limited to those that match the search.
+
+The currently supported ACL search types are:
+
+=over 4
+
+=item acls empty
+
+Returns all ACLs which have no entries, generally so that abandoned ACLs
+can be destroyed.
+
+=item acls entry <scheme> <identifier>
+
+Returns all ACLs containing an entry with given scheme and identifier.
+The scheme must be an exact match, but the <identifier> string will match
+any identifier containing that string.
+
+=back
+
+=item objects
+
+=item objects acl <acl>
+
+=item objects flag <flag>
+
+=item objects owner <owner>
+
+=item objects type <type>
+
+Returns a list of objects in the database.  Objects will be listed in the
+form:
+
+    <type> <name>
+
+There will be one line per object.
+
+If no search type is given, all objects in the database will be returned.
+If a search type (and possible search arguments) are given, the objects
+will be limited to those that match the search.
+
+The currently supported object search types are:
+
+=over 4
+
+=item list objects acl <acl>
+
+Returns all objects for which the given ACL name or ID has any
+permissions.  This includes those objects owned by the ACL as well as
+those where that ACL has any other, more limited permissions.
+
+=item list objects flag <flag>
+
+Returns all objects which have the given flag set.
+
+=item list objects owner <acl>
+
+Returns all objects owned by the given ACL name or ID.
+
+=item list objects type <type>
+
+Returns all objects of the given type.
+
+=back
+
+=item owners <type-pattern> <name-pattern>
+
+Returns a list of all ACL entries in owner ACLs for all objects matching
+both <type-pattern> and <name-pattern>.  These can be the type or name of
+objects or they can be patterns using C<%> as the wildcard character
+following the normal rules of SQL patterns.
+
+The output will be one line per ACL line in the form:
+
+    <scheme> <identifier>
+
+with duplicates suppressed.
+
+=back
+
+=head1 SEE ALSO
+
+Wallet::Config(3), Wallet::Report(3), wallet-backend(8)
+
+This program is part of the wallet system.  The current version is
+available from L<http://www.eyrie.org/~eagle/software/wallet/>.
+
+=head1 AUTHOR
+
+Russ Allbery <rra@stanford.edu>
+
+=cut