diff options
Diffstat (limited to 'server/wallet-report')
| -rwxr-xr-x | server/wallet-report | 203 | 
1 files changed, 203 insertions, 0 deletions
| diff --git a/server/wallet-report b/server/wallet-report new file mode 100755 index 0000000..a6b3b8d --- /dev/null +++ b/server/wallet-report @@ -0,0 +1,203 @@ +#!/usr/bin/perl -w +# +# wallet-report -- Wallet server reporting interface. +# +# Written by Russ Allbery <rra@stanford.edu> +# Copyright 2008, 2009, 2010 Board of Trustees, Leland Stanford Jr. University +# +# See LICENSE for licensing terms. + +############################################################################## +# Declarations and site configuration +############################################################################## + +use strict; +use Wallet::Report; + +############################################################################## +# Implementation +############################################################################## + +# Parse and execute a command.  We wrap this in a subroutine call for easier +# testing. +sub command { +    die "Usage: wallet-report <command> [<args> ...]\n" unless @_; +    my $report = Wallet::Report->new; + +    # Parse command-line options and dispatch to the appropriate calls. +    my ($command, @args) = @_; +    if ($command eq 'acls') { +        die "too many arguments to acls\n" if @args > 3; +        my @acls = $report->acls (@args); +        if (!@acls and $report->error) { +            die $report->error, "\n"; +        } +        for my $acl (sort { $$a[1] cmp $$b[1] } @acls) { +            print "$$acl[1] (ACL ID: $$acl[0])\n"; +        } +    } elsif ($command eq 'objects') { +        die "too many arguments to objects\n" if @args > 2; +        my @objects = $report->objects (@args); +        if (!@objects and $report->error) { +            die $report->error, "\n"; +        } +        for my $object (@objects) { +            print join (' ', @$object), "\n"; +        } +    } elsif ($command eq 'owners') { +        die "too many arguments to owners\n" if @args > 2; +        die "too few arguments to owners\n" if @args < 2; +        my @entries = $report->owners (@args); +        if (!@entries and $report->error) { +            die $report->error, "\n"; +        } +        for my $entry (@entries) { +            print join (' ', @$entry), "\n"; +        } +    } else { +        die "unknown command $command\n"; +    } +} +command (@ARGV); +__END__ + +############################################################################## +# Documentation +############################################################################## + +=head1 NAME + +wallet-report - Wallet server reporting interface + +=for stopwords +metadata ACL hostname backend acl acls wildcard SQL Allbery remctl + +=head1 SYNOPSIS + +B<wallet-report> I<type> [I<args> ...] + +=head1 DESCRIPTION + +B<wallet-report> provides a command-line interface for running reports on +the wallet database.  It is intended to be run on the wallet server as a +user with access to the wallet database and configuration, but can also be +made available via remctl to users who should have reporting privileges. + +This program is a fairly thin wrapper around Wallet::Report that +translates command strings into method calls and returns the results. + +=head1 OPTIONS + +B<wallet-report> takes no traditional options. + +=head1 COMMANDS + +=over 4 + +=item acls + +=item acls empty + +=item acls entry <scheme> <identifier> + +Returns a list of ACLs in the database.  ACLs will be listed in the form: + +    <name> (ACL ID: <id>) + +where <name> is the human-readable name and <id> is the numeric ID.  The +numeric ID is what's used internally by the wallet system.  There will be +one line per ACL. + +If no search type is given, all the ACLs in the database will be returned. +If a search type (and possible search arguments) are given, then the ACLs +will be limited to those that match the search. + +The currently supported ACL search types are: + +=over 4 + +=item acls empty + +Returns all ACLs which have no entries, generally so that abandoned ACLs +can be destroyed. + +=item acls entry <scheme> <identifier> + +Returns all ACLs containing an entry with given scheme and identifier. +The scheme must be an exact match, but the <identifier> string will match +any identifier containing that string. + +=back + +=item objects + +=item objects acl <acl> + +=item objects flag <flag> + +=item objects owner <owner> + +=item objects type <type> + +Returns a list of objects in the database.  Objects will be listed in the +form: + +    <type> <name> + +There will be one line per object. + +If no search type is given, all objects in the database will be returned. +If a search type (and possible search arguments) are given, the objects +will be limited to those that match the search. + +The currently supported object search types are: + +=over 4 + +=item list objects acl <acl> + +Returns all objects for which the given ACL name or ID has any +permissions.  This includes those objects owned by the ACL as well as +those where that ACL has any other, more limited permissions. + +=item list objects flag <flag> + +Returns all objects which have the given flag set. + +=item list objects owner <acl> + +Returns all objects owned by the given ACL name or ID. + +=item list objects type <type> + +Returns all objects of the given type. + +=back + +=item owners <type-pattern> <name-pattern> + +Returns a list of all ACL entries in owner ACLs for all objects matching +both <type-pattern> and <name-pattern>.  These can be the type or name of +objects or they can be patterns using C<%> as the wildcard character +following the normal rules of SQL patterns. + +The output will be one line per ACL line in the form: + +    <scheme> <identifier> + +with duplicates suppressed. + +=back + +=head1 SEE ALSO + +Wallet::Config(3), Wallet::Report(3), wallet-backend(8) + +This program is part of the wallet system.  The current version is +available from L<http://www.eyrie.org/~eagle/software/wallet/>. + +=head1 AUTHOR + +Russ Allbery <rra@stanford.edu> + +=cut | 
