ref/cmd/principal: Change principal store command to
principal get/set default/forpeer.
MultiPart: 1/3
Change-Id: Ia66041817f9c191fd8adea2d2ef2be81cfa16cbd
diff --git a/cmd/principal/doc.go b/cmd/principal/doc.go
index 5385f29..a461daf 100644
--- a/cmd/principal/doc.go
+++ b/cmd/principal/doc.go
@@ -25,7 +25,8 @@
dumpblessings Dump out information about the provided blessings
blessself Generate a self-signed blessing
bless Bless another principal
- store Manipulate and inspect the principal's blessing store
+ set Mutate the principal's blessings.
+ get Read the principal's blessings.
addtoroots Add to the set of identity providers recognized by this
principal
help Display help for commands or topics
@@ -293,63 +294,40 @@
-with=
Path to file containing blessing to extend
-Principal Store
+Principal Set
-Commands to manipulate and inspect the blessing store of the principal.
+Commands to mutate the blessings of the principal.
-All blessings are printed to stdout using base64-VOM-encoding
+All input blessings are expected to be serialized using base64-VOM-encoding. See
+'principal get'.
Usage:
- principal store <command>
+ principal set <command>
-The principal store commands are:
- default Return blessings marked as default
- setdefault Set provided blessings as default
- forpeer Return blessings marked for the provided peer
- set Set provided blessings for peer
+The principal set commands are:
+ default Set provided blessings as default
+ forpeer Set provided blessings for peer
-Principal Store Default
-
-Returns blessings that are marked as default in the BlessingStore specified by
-the environment that this tool is running in.
-
-Usage:
- principal store default
-
-Principal Store Setdefault
+Principal Set Default
Sets the provided blessings as default in the BlessingStore specified by the
environment that this tool is running in.
-It is an error to call 'store.setdefault' with blessings whose public key does
-not match the public key of the principal specified by the environment.
+It is an error to call 'set default' with blessings whose public key does not
+match the public key of the principal specified by the environment.
Usage:
- principal store setdefault [flags] <file>
+ principal set default [flags] <file>
<file> is the path to a file containing a blessing typically obtained from this
tool. - is used for STDIN.
-The principal store setdefault flags are:
+The principal set default flags are:
-add_to_roots=true
If true, the root certificate of the blessing will be added to the
principal's set of recognized root certificates
-Principal Store Forpeer
-
-Returns blessings that are marked for the provided peer in the BlessingStore
-specified by the environment that this tool is running in.
-
-Usage:
- principal store forpeer [<peer_1> ... <peer_k>]
-
-<peer_1> ... <peer_k> are the (human-readable string) blessings bound to the
-peer. The returned blessings are marked with a pattern that is matched by at
-least one of these. If no arguments are specified, store.forpeer returns the
-blessings that are marked for all peers (i.e., blessings set on the store with
-the "..." pattern).
-
-Principal Store Set
+Principal Set Forpeer
Marks the provided blessings to be shared with the provided peers on the
BlessingStore specified by the environment that this tool is running in.
@@ -360,11 +338,11 @@
'set nil pattern' can be used to remove the blessings previously associated with
the pattern (by a prior 'set' command).
-It is an error to call 'store.set' with blessings whose public key does not
+It is an error to call 'set forpeer' with blessings whose public key does not
match the public key of this principal specified by the environment.
Usage:
- principal store set [flags] <file> <pattern>
+ principal set forpeer [flags] <file> <pattern>
<file> is the path to a file containing a blessing typically obtained from this
tool. - is used for STDIN.
@@ -372,11 +350,46 @@
<pattern> is the BlessingPattern used to identify peers with whom this blessing
can be shared with.
-The principal store set flags are:
+The principal set forpeer flags are:
-add_to_roots=true
If true, the root certificate of the blessing will be added to the
principal's set of recognized root certificates
+Principal Get
+
+Commands to inspect the blessings of the principal.
+
+All blessings are printed to stdout using base64-VOM-encoding.
+
+Usage:
+ principal get <command>
+
+The principal get commands are:
+ default Return blessings marked as default
+ forpeer Return blessings marked for the provided peer
+
+Principal Get Default
+
+Returns blessings that are marked as default in the BlessingStore specified by
+the environment that this tool is running in.
+
+Usage:
+ principal get default
+
+Principal Get Forpeer
+
+Returns blessings that are marked for the provided peer in the BlessingStore
+specified by the environment that this tool is running in.
+
+Usage:
+ principal get forpeer [<peer_1> ... <peer_k>]
+
+<peer_1> ... <peer_k> are the (human-readable string) blessings bound to the
+peer. The returned blessings are marked with a pattern that is matched by at
+least one of these. If no arguments are specified, store.forpeer returns the
+blessings that are marked for all peers (i.e., blessings set on the store with
+the "..." pattern).
+
Principal Addtoroots
Adds an identity provider to the set of recognized roots public keys for this
diff --git a/cmd/principal/main.go b/cmd/principal/main.go
index 8cf43f4..8700c37 100644
--- a/cmd/principal/main.go
+++ b/cmd/principal/main.go
@@ -273,7 +273,7 @@
},
}
- cmdStoreForPeer = &cmdline.Command{
+ cmdGetForPeer = &cmdline.Command{
Name: "forpeer",
Short: "Return blessings marked for the provided peer",
Long: `
@@ -297,7 +297,7 @@
},
}
- cmdStoreDefault = &cmdline.Command{
+ cmdGetDefault = &cmdline.Command{
Name: "default",
Short: "Return blessings marked as default",
Long: `
@@ -312,8 +312,8 @@
},
}
- cmdStoreSet = &cmdline.Command{
- Name: "set",
+ cmdSetForPeer = &cmdline.Command{
+ Name: "forpeer",
Short: "Set provided blessings for peer",
Long: `
Marks the provided blessings to be shared with the provided peers on the
@@ -325,7 +325,7 @@
'set nil pattern' can be used to remove the blessings previously
associated with the pattern (by a prior 'set' command).
-It is an error to call 'store.set' with blessings whose public
+It is an error to call 'set forpeer' with blessings whose public
key does not match the public key of this principal specified
by the environment.
`,
@@ -422,14 +422,14 @@
},
}
- cmdStoreSetDefault = &cmdline.Command{
- Name: "setdefault",
+ cmdSetDefault = &cmdline.Command{
+ Name: "default",
Short: "Set provided blessings as default",
Long: `
Sets the provided blessings as default in the BlessingStore specified by the
environment that this tool is running in.
-It is an error to call 'store.setdefault' with blessings whose public key does
+It is an error to call 'set default' with blessings whose public key does
not match the public key of the principal specified by the environment.
`,
ArgsName: "<file>",
@@ -736,24 +736,36 @@
cmdSeekBlessings.Flags.BoolVar(&flagSeekBlessingsBrowser, "browser", true, "If false, the seekblessings command will not open the browser and only print the url to visit.")
cmdSeekBlessings.Flags.BoolVar(&flagAddToRoots, "add_to_roots", true, "If true, the root certificate of the blessing will be added to the principal's set of recognized root certificates")
- cmdStoreSet.Flags.BoolVar(&flagAddToRoots, "add_to_roots", true, "If true, the root certificate of the blessing will be added to the principal's set of recognized root certificates")
+ cmdSetForPeer.Flags.BoolVar(&flagAddToRoots, "add_to_roots", true, "If true, the root certificate of the blessing will be added to the principal's set of recognized root certificates")
- cmdStoreSetDefault.Flags.BoolVar(&flagAddToRoots, "add_to_roots", true, "If true, the root certificate of the blessing will be added to the principal's set of recognized root certificates")
+ cmdSetDefault.Flags.BoolVar(&flagAddToRoots, "add_to_roots", true, "If true, the root certificate of the blessing will be added to the principal's set of recognized root certificates")
cmdCreate.Flags.BoolVar(&flagCreateOverwrite, "overwrite", false, "If true, any existing principal data in the directory will be overwritten")
cmdRecvBlessings.Flags.BoolVar(&flagRecvBlessingsSetDefault, "set_default", true, "If true, the blessings received will be set as the default blessing in the store")
cmdRecvBlessings.Flags.StringVar(&flagRecvBlessingsForPeer, "for_peer", string(security.AllPrincipals), "If non-empty, the blessings received will be marked for peers matching this pattern in the store")
- cmdStore := &cmdline.Command{
- Name: "store",
- Short: "Manipulate and inspect the principal's blessing store",
+ cmdSet := &cmdline.Command{
+ Name: "set",
+ Short: "Mutate the principal's blessings.",
Long: `
-Commands to manipulate and inspect the blessing store of the principal.
+Commands to mutate the blessings of the principal.
-All blessings are printed to stdout using base64-VOM-encoding
+All input blessings are expected to be serialized using base64-VOM-encoding.
+See 'principal get'.
`,
- Children: []*cmdline.Command{cmdStoreDefault, cmdStoreSetDefault, cmdStoreForPeer, cmdStoreSet},
+ Children: []*cmdline.Command{cmdSetDefault, cmdSetForPeer},
+ }
+
+ cmdGet := &cmdline.Command{
+ Name: "get",
+ Short: "Read the principal's blessings.",
+ Long: `
+Commands to inspect the blessings of the principal.
+
+All blessings are printed to stdout using base64-VOM-encoding.
+`,
+ Children: []*cmdline.Command{cmdGetDefault, cmdGetForPeer},
}
root := &cmdline.Command{
@@ -765,7 +777,7 @@
All objects are printed using base64-VOM-encoding.
`,
- Children: []*cmdline.Command{cmdCreate, cmdFork, cmdSeekBlessings, cmdRecvBlessings, cmdDump, cmdDumpBlessings, cmdBlessSelf, cmdBless, cmdStore, cmdAddToRoots},
+ Children: []*cmdline.Command{cmdCreate, cmdFork, cmdSeekBlessings, cmdRecvBlessings, cmdDump, cmdDumpBlessings, cmdBlessSelf, cmdBless, cmdSet, cmdGet, cmdAddToRoots},
}
os.Exit(root.Main())
}
diff --git a/cmd/principal/principal_v23_test.go b/cmd/principal/principal_v23_test.go
index ac7ff5d..174e224 100644
--- a/cmd/principal/principal_v23_test.go
+++ b/cmd/principal/principal_v23_test.go
@@ -85,8 +85,8 @@
redirect(t, bin.WithEnv(blessEnv).Start("bless", "--for=1m", bobDir, "friend"), aliceFriend)
// Run store forpeer on bob.
- bin.Start("--veyron.credentials="+bobDir, "store", "set", aliceFriend, "alice").WaitOrDie(os.Stdout, os.Stderr)
- redirect(t, bin.WithEnv(blessEnv).Start("--veyron.credentials="+bobDir, "store", "forpeer", "alice/server"), bobForPeer)
+ bin.Start("--veyron.credentials="+bobDir, "set", "forpeer", aliceFriend, "alice").WaitOrDie(os.Stdout, os.Stderr)
+ redirect(t, bin.WithEnv(blessEnv).Start("--veyron.credentials="+bobDir, "get", "forpeer", "alice/server"), bobForPeer)
got := removeCaveats(removePublicKeys(bin.Start("dumpblessings", bobForPeer).Output()))
want := `Blessings : bob#alice/friend
@@ -267,7 +267,7 @@
}
// And it should have an expiry caveat
{
- redirect(t, bin.Start("--veyron.credentials", alicePhoneDir, "store", "default"), tmpfile)
+ redirect(t, bin.Start("--veyron.credentials", alicePhoneDir, "get", "default"), tmpfile)
got := removeCaveats(removePublicKeys(bin.Start("dumpblessings", tmpfile).Output()))
want := `Blessings : alice/phone
PublicKey : XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
@@ -301,7 +301,7 @@
}
}
{
- redirect(t, bin.Start("--veyron.credentials", alicePhoneCalendarDir, "store", "default"), tmpfile)
+ redirect(t, bin.Start("--veyron.credentials", alicePhoneCalendarDir, "get", "default"), tmpfile)
got := removeCaveats(removePublicKeys(bin.Start("dumpblessings", tmpfile).Output()))
want := `Blessings : alice/phone/calendar
PublicKey : XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
