nethsm_cli/cli/
namespace.rs

1use clap::{Parser, Subcommand};
2use expression_format::ex_format;
3use nethsm::{NamespaceId, SystemState::Operational, UserRole::Administrator};
4
5use super::BIN_NAME;
6
7#[derive(Debug, Subcommand)]
8#[command(
9    about = "Operate on namespaces of a device",
10    long_about = "Operate on namespaces of a device
11
12Allows to add, list and remove namespaces.
13
14Namespaces are a way to segregate users and keys.
15Users in a namespace only have access to the keys in their own namespace.
16"
17)]
18pub enum NamespaceCommand {
19    Add(NamespaceAddCommand),
20    List(NamespaceListCommand),
21    Remove(NamespaceRemoveCommand),
22}
23
24#[derive(Debug, Parser)]
25#[command(
26    about = "Add a namespace",
27    long_about = ex_format!("Add a namespace
28
29Adds a new namespace by providing a unique name.
30
31**WARNING**: Make sure to *first* create a user in the \"{Administrator}\" role for a namespace using \"{BIN_NAME} user add\".
32Only afterwards add the namespace, as otherwise the new namespace does not have an administrative user!
33
34The device must be in state \"{Operational}\".
35
36Requires authentication of a user in the \"{Administrator}\" role."),
37)]
38pub struct NamespaceAddCommand {
39    #[arg(
40        env = "NETHSM_NAMESPACE_NAME",
41        help = "The name of the namespace that is created"
42    )]
43    pub name: NamespaceId,
44}
45
46#[derive(Debug, Parser)]
47#[command(
48    about = "List all namespace names",
49    long_about = ex_format!("List all namespace names
50
51The device must be in state \"{Operational}\".
52
53Requires authentication of a system-wide user in the \"{Administrator}\" role."),
54)]
55pub struct NamespaceListCommand {}
56
57#[derive(Debug, Parser)]
58#[command(
59    about = "Remove a namespace",
60    long_about = ex_format!("Remove a namespace
61
62**WARNING**: This command deletes **all keys** in the targeted namespace.
63It is strongly advised to first create a backup using \"{BIN_NAME} system backup\" before running this command.
64
65The device must be in state \"{Operational}\".
66
67Requires authentication of a system-wide user in the \"{Administrator}\" role."),
68)]
69pub struct NamespaceRemoveCommand {
70    #[arg(
71        env = "NETHSM_NAMESPACE_NAME",
72        help = "The name of the namespace to remove"
73    )]
74    pub name: NamespaceId,
75}