add acl policy delete command

2026-01-05 09:55:44 +03:00 · 2017-09-17 04:36:08 +00:00
parent e10a2c68e3
commit e6adcbcdcb
4 changed files with 167 additions and 0 deletions
--- a/command/acl_policy_delete.go
+++ b/command/acl_policy_delete.go
@@ -0,0 +1,74 @@
+package command
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/posener/complete"
+)
+
+type ACLPolicyDeleteCommand struct {
+	Meta
+}
+
+func (c *ACLPolicyDeleteCommand) Help() string {
+	helpText := `
+Usage: nomad acl policy delete [options] <name> <path>
+
+Delete is used to delete an existing ACL policy.
+
+General Options:
+
+  ` + generalOptionsUsage()
+
+	return strings.TrimSpace(helpText)
+}
+
+func (c *ACLPolicyDeleteCommand) AutocompleteFlags() complete.Flags {
+	return mergeAutocompleteFlags(c.Meta.AutocompleteFlags(FlagSetClient),
+		complete.Flags{})
+}
+
+func (c *ACLPolicyDeleteCommand) AutocompleteArgs() complete.Predictor {
+	return complete.PredictNothing
+}
+
+func (c *ACLPolicyDeleteCommand) Synopsis() string {
+	return "Delete an existing ACL policy"
+}
+
+func (c *ACLPolicyDeleteCommand) Run(args []string) int {
+	flags := c.Meta.FlagSet("acl policy delete", FlagSetClient)
+	flags.Usage = func() { c.Ui.Output(c.Help()) }
+	if err := flags.Parse(args); err != nil {
+		return 1
+	}
+
+	// Check that we got exactly one argument
+	args = flags.Args()
+	if l := len(args); l != 1 {
+		c.Ui.Error(c.Help())
+		return 1
+	}
+
+	// Get the policy name
+	policyName := args[0]
+
+	// Get the HTTP client
+	client, err := c.Meta.Client()
+	if err != nil {
+		c.Ui.Error(fmt.Sprintf("Error initializing client: %s", err))
+		return 1
+	}
+
+	// Upsert the policy
+	_, err = client.ACLPolicies().Delete(policyName, nil)
+	if err != nil {
+		c.Ui.Error(fmt.Sprintf("Error deleting ACL policy: %s", err))
+		return 1
+	}
+
+	c.Ui.Output(fmt.Sprintf("Successfully deleted %s policy!",
+		policyName))
+	return 0
+}
--- a/command/acl_policy_delete_test.go
+++ b/command/acl_policy_delete_test.go
@@ -0,0 +1,59 @@
+package command
+
+import (
+	"fmt"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/nomad/acl"
+	"github.com/hashicorp/nomad/command/agent"
+	"github.com/hashicorp/nomad/nomad/mock"
+	"github.com/hashicorp/nomad/nomad/structs"
+	"github.com/mitchellh/cli"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestACLPolicyDeleteCommand(t *testing.T) {
+	assert := assert.New(t)
+	t.Parallel()
+	config := func(c *agent.Config) {
+		c.ACL.Enabled = true
+	}
+
+	srv, _, url := testServer(t, true, config)
+	state := srv.Agent.Server().State()
+	defer srv.Shutdown()
+
+	// Bootstrap an initial ACL token
+	token := srv.Token
+	assert.NotNil(token, "failed to bootstrap ACL token")
+
+	// Create a test ACLPolicy
+	policy := &structs.ACLPolicy{
+		Name:  "testPolicy",
+		Rules: acl.PolicyWrite,
+	}
+	policy.SetHash()
+	assert.Nil(state.UpsertACLPolicies(1000, []*structs.ACLPolicy{policy}))
+
+	ui := new(cli.MockUi)
+	cmd := &ACLPolicyDeleteCommand{Meta: Meta{Ui: ui, flagAddress: url}}
+
+	// Delete the policy without a valid token fails
+	invalidToken := mock.ACLToken()
+	os.Setenv("NOMAD_TOKEN", invalidToken.SecretID)
+	code := cmd.Run([]string{"-address=" + url, policy.Name})
+	assert.Equal(1, code)
+
+	// Delete the policy with a valid management token
+	os.Setenv("NOMAD_TOKEN", token.SecretID)
+	code = cmd.Run([]string{"-address=" + url, policy.Name})
+	assert.Equal(0, code)
+
+	// Check the output
+	out := ui.OutputWriter.String()
+	if !strings.Contains(out, fmt.Sprintf("Successfully deleted %s policy", policy.Name)) {
+		t.Fatalf("bad: %v", out)
+	}
+}