nethsm_cli/cli/
namespace.rs

1use clap::{Parser, Subcommand};
2use expression_format::ex_format;
3use nethsm::{NamespaceId, SystemState::Operational, UserRole::Administrator};
4
5use super::BIN_NAME;
6
7/// The "nethsm namespace" command.
8#[derive(Debug, Subcommand)]
9#[command(
10    about = "Operate on namespaces of a device",
11    long_about = "Operate on namespaces of a device
12
13Allows to add, list and remove namespaces.
14
15Namespaces are a way to segregate users and keys.
16Users in a namespace only have access to the keys in their own namespace.
17"
18)]
19pub enum NamespaceCommand {
20    /// The "nethsm namespace add" command.
21    Add(NamespaceAddCommand),
22    /// The "nethsm namespace list" command.
23    List(NamespaceListCommand),
24    /// The "nethsm namespace remove" command.
25    Remove(NamespaceRemoveCommand),
26}
27
28#[derive(Debug, Parser)]
29#[command(
30    about = "Add a namespace",
31    long_about = ex_format!("Add a namespace
32
33Adds a new namespace by providing a unique name.
34
35**WARNING**: Make sure to *first* create a user in the \"{Administrator}\" role for a namespace using \"{BIN_NAME} user add\".
36Only afterwards add the namespace, as otherwise the new namespace does not have an administrative user!
37
38The device must be in state \"{Operational}\".
39
40Requires authentication of a user in the \"{Administrator}\" role."),
41)]
42pub struct NamespaceAddCommand {
43    #[arg(
44        env = "NETHSM_NAMESPACE_NAME",
45        help = "The name of the namespace that is created"
46    )]
47    pub name: NamespaceId,
48}
49
50#[derive(Debug, Parser)]
51#[command(
52    about = "List all namespace names",
53    long_about = ex_format!("List all namespace names
54
55The device must be in state \"{Operational}\".
56
57Requires authentication of a system-wide user in the \"{Administrator}\" role."),
58)]
59pub struct NamespaceListCommand {}
60
61#[derive(Debug, Parser)]
62#[command(
63    about = "Remove a namespace",
64    long_about = ex_format!("Remove a namespace
65
66**WARNING**: This command deletes **all keys** in the targeted namespace.
67It is strongly advised to first create a backup using \"{BIN_NAME} system backup\" before running this command.
68
69The device must be in state \"{Operational}\".
70
71Requires authentication of a system-wide user in the \"{Administrator}\" role."),
72)]
73pub struct NamespaceRemoveCommand {
74    #[arg(
75        env = "NETHSM_NAMESPACE_NAME",
76        help = "The name of the namespace to remove"
77    )]
78    pub name: NamespaceId,
79}