Add --user flag to "secrets" and "envs"

Author: cmoog

cmd/coder/auth.go

@@ -11,15 +11,15 @@ import (
 )
 
 // requireAuth exits the process with a nonzero exit code if the user is not authenticated to make requests
-func requireAuth() *entclient.Client {
-	client, err := newClient()
+func requireAuth(user string) *entclient.Client {
+	client, err := newClient(user)
 	if err != nil {
 		flog.Fatal("%v", err)
 	}
 	return client
 }
 
-func newClient() (*entclient.Client, error) {
+func newClient(userFlag string) (*entclient.Client, error) {
 	sessionToken, err := config.Session.Read()
 	if err != nil {
 		return nil, xerrors.Errorf("read session: %v (did you run coder login?)", err)
@@ -35,8 +35,19 @@ func newClient() (*entclient.Client, error) {
 		return nil, xerrors.Errorf("url misformatted: %v (try runing coder login)", err)
 	}
 
-	return &entclient.Client{
+	client := &entclient.Client{
 		BaseURL: u,
 		Token:   sessionToken,
-	}, nil
+		UserID:  entclient.Me,
+	}
+
+	user, err := client.UserByEmail(userFlag)
+	if err != nil {
+		return nil, xerrors.Errorf("failed to find user (%v) by email: %v", userFlag, err)
+	}
+
+	// perform all additional actions as this user
+	client.UserID = user.ID
+
+	return client, nil
 }

cmd/coder/ceapi.go

@@ -28,7 +28,7 @@ outer:
 
 // getEnvs returns all environments for the user.
 func getEnvs(client *entclient.Client) ([]entclient.Environment, error) {
-	me, err := client.Me()
+	me, err := client.TargetUser()
 	if err != nil {
 		return nil, xerrors.Errorf("get self: %+v", err)
 	}

cmd/coder/configssh.go

@@ -76,14 +76,14 @@ func configSSH(filepath *string, remove *bool) func(cmd *cobra.Command, _ []stri
 			return nil
 		}
 
-		entClient := requireAuth()
+		entClient := requireAuth(entclient.Me)
 
 		sshAvailable := isSSHAvailable(ctx)
 		if !sshAvailable {
 			return xerrors.New("SSH is disabled or not available for your Coder Enterprise deployment.")
 		}
 
-		me, err := entClient.Me()
+		me, err := entClient.TargetUser()
 		if err != nil {
 			return xerrors.Errorf("fetch username: %w", err)
 		}

cmd/coder/envs.go

@@ -4,25 +4,28 @@ import (
 	"encoding/json"
 	"os"
 
+	"cdr.dev/coder-cli/internal/entclient"
 	"cdr.dev/coder-cli/internal/x/xtabwriter"
 	"github.com/spf13/cobra"
 	"golang.org/x/xerrors"
 )
 
 func makeEnvsCommand() *cobra.Command {
 	var outputFmt string
+	var user string
 	cmd := &cobra.Command{
 		Use:   "envs",
 		Short: "Interact with Coder environments",
 		Long:  "Perform operations on the Coder environments owned by the active user.",
 	}
+	cmd.PersistentFlags().StringVar(&user, "user",entclient.Me, "Specify the user whose resources to target")
 
 	lsCmd := &cobra.Command{
 		Use:   "ls",
 		Short: "list all environments owned by the active user",
 		Long:  "List all Coder environments owned by the active user.",
 		RunE: func(cmd *cobra.Command, args []string) error {
-			entClient := requireAuth()
+			entClient := requireAuth(user)
 			envs, err := getEnvs(entClient)
 			if err != nil {
 				return err

cmd/coder/secrets.go

@@ -15,37 +15,39 @@ import (
 )
 
 func makeSecretsCmd() *cobra.Command {
+	var user string
 	cmd := &cobra.Command{
 		Use:   "secrets",
 		Short: "Interact with Coder Secrets",
 		Long:  "Interact with secrets objects owned by the active user.",
 	}
+	cmd.PersistentFlags().StringVar(&user, "user", entclient.Me, "Specify the user whose resources to target")
 	cmd.AddCommand(
 		&cobra.Command{
 			Use:   "ls",
 			Short: "List all secrets owned by the active user",
-			RunE:  listSecrets,
+			RunE:  listSecrets(&user),
 		},
-		makeCreateSecret(),
+		makeCreateSecret(&user),
 		&cobra.Command{
 			Use:     "rm [...secret_name]",
 			Short:   "Remove one or more secrets by name",
 			Args:    cobra.MinimumNArgs(1),
-			RunE:    removeSecrets,
+			RunE:    makeRemoveSecrets(&user),
 			Example: "coder secrets rm mysql-password mysql-user",
 		},
 		&cobra.Command{
 			Use:     "view [secret_name]",
 			Short:   "View a secret by name",
 			Args:    cobra.ExactArgs(1),
-			RunE:    viewSecret,
+			RunE:    makeViewSecret(&user),
 			Example: "coder secrets view mysql-password",
 		},
 	)
 	return cmd
 }
 
-func makeCreateSecret() *cobra.Command {
+func makeCreateSecret(user *string) *cobra.Command {
 	var (
 		fromFile    string
 		fromLiteral string
@@ -77,7 +79,7 @@ coder secrets create aws-credentials --from-file ./credentials.json`,
 		},
 		RunE: func(cmd *cobra.Command, args []string) error {
 			var (
-				client = requireAuth()
+				client = requireAuth(*user)
 				name   = args[0]
 				value  string
 				err    error
@@ -127,71 +129,78 @@ coder secrets create aws-credentials --from-file ./credentials.json`,
 	return cmd
 }
 
-func listSecrets(cmd *cobra.Command, _ []string) error {
-	client := requireAuth()
+func listSecrets(user *string) func(cmd *cobra.Command, _ []string) error {
+	return func(cmd *cobra.Command, _ []string) error {
+		client := requireAuth(*user)
 
-	secrets, err := client.Secrets()
-	if err != nil {
-		return xerrors.Errorf("get secrets: %w", err)
-	}
+		secrets, err := client.Secrets()
+		if err != nil {
+			return xerrors.Errorf("get secrets: %w", err)
+		}
 
-	if len(secrets) < 1 {
-		flog.Info("No secrets found")
-		return nil
-	}
+		if len(secrets) < 1 {
+			flog.Info("No secrets found")
+			return nil
+		}
 
-	err = xtabwriter.WriteTable(len(secrets), func(i int) interface{} {
-		s := secrets[i]
-		s.Value = "******" // value is omitted from bulk responses
-		return s
-	})
-	if err != nil {
-		return xerrors.Errorf("write table of secrets: %w", err)
+		err = xtabwriter.WriteTable(len(secrets), func(i int) interface{} {
+			s := secrets[i]
+			s.Value = "******" // value is omitted from bulk responses
+			return s
+		})
+		if err != nil {
+			return xerrors.Errorf("write table of secrets: %w", err)
+		}
+		return nil
 	}
-	return nil
 }
 
-func viewSecret(_ *cobra.Command, args []string) error {
-	var (
-		client = requireAuth()
-		name   = args[0]
-	)
-	if name == "" {
-		return xerrors.New("[name] is a required argument")
-	}
+func makeViewSecret(user *string) func(cmd *cobra.Command, args []string) error {
+return func (_ *cobra.Command, args []string) error {
+var (
+client = requireAuth(*user)
+name = args[0]
+)
+if name == "" {
+return xerrors.New("[name] is a required argument")
+}
 
-	secret, err := client.SecretByName(name)
-	if err != nil {
-		return xerrors.Errorf("get secret by name: %w", err)
-	}
+secret, err := client.SecretByName(name)
+if err != nil {
+return xerrors.Errorf("get secret by name: %w", err)
+}
 
-	_, err = fmt.Fprintln(os.Stdout, secret.Value)
-	if err != nil {
-		return xerrors.Errorf("write secret value: %w", err)
-	}
-	return nil
+_, err = fmt.Fprintln(os.Stdout, secret.Value)
+if err != nil {
+return xerrors.Errorf("write secret value: %w", err)
+}
+return nil
+}
 }
 
-func removeSecrets(_ *cobra.Command, args []string) error {
-	var (
-		client = requireAuth()
-	)
-	if len(args) < 1 {
-		return xerrors.New("[...secret_name] is a required argument")
-	}
+func makeRemoveSecrets(user *string) func(c *cobra.Command, args []string) error {
+	return func (_ *cobra.Command, args []string) error {
+		var (
+			client = requireAuth(*user)
+		)
+		if len(args) < 1 {
+			return xerrors.New("[...secret_name] is a required argument")
+		}
 
-	errorSeen := false
-	for _, n := range args {
-		err := client.DeleteSecretByName(n)
-		if err != nil {
-			flog.Error("failed to delete secret %q: %v", n, err)
-			errorSeen = true
-		} else {
-			flog.Success("successfully deleted secret %q", n)
+		errorSeen := false
+		for _, n := range args {
+			err := client.DeleteSecretByName(n)
+			if err != nil {
+				flog.Error("failed to delete secret %q: %v", n, err)
+				errorSeen = true
+			} else {
+				flog.Success("successfully deleted secret %q", n)
+			}
 		}
+		if errorSeen {
+			os.Exit(1)
+		}
+		return nil
 	}
-	if errorSeen {
-		os.Exit(1)
-	}
-	return nil
 }
+

cmd/coder/shell.go

@@ -8,6 +8,7 @@ import (
 	"time"
 
 	"cdr.dev/coder-cli/internal/activity"
+	"cdr.dev/coder-cli/internal/entclient"
 	"cdr.dev/coder-cli/internal/x/xterminal"
 	"cdr.dev/wsep"
 	"github.com/spf13/cobra"
@@ -94,7 +95,7 @@ func sendResizeEvents(ctx context.Context, termfd uintptr, process wsep.Process)
 
 func runCommand(ctx context.Context, envName string, command string, args []string) error {
 	var (
-		entClient = requireAuth()
+		entClient = requireAuth(entclient.Me)
 	)
 	env, err := findEnv(entClient, envName)
 	if err != nil {

cmd/coder/sync.go

@@ -8,6 +8,7 @@ import (
 	"path/filepath"
 	"strings"
 
+	"cdr.dev/coder-cli/internal/entclient"
 	"cdr.dev/coder-cli/internal/sync"
 	"github.com/spf13/cobra"
 	"golang.org/x/xerrors"
@@ -51,7 +52,7 @@ func makeRunSync(init *bool) func(cmd *cobra.Command, args []string) error {
 			remote = args[1]
 		)
 
-		entClient := requireAuth()
+		entClient := requireAuth(entclient.Me)
 
 		info, err := os.Stat(local)
 		if err != nil {

cmd/coder/urls.go

@@ -9,6 +9,7 @@ import (
 	"strconv"
 	"strings"
 
+	"cdr.dev/coder-cli/internal/entclient"
 	"cdr.dev/coder-cli/internal/x/xtabwriter"
 	"github.com/spf13/cobra"
 	"golang.org/x/xerrors"
@@ -147,7 +148,7 @@ func makeCreateDevURL() *cobra.Command {
 			if urlname != "" && !devURLNameValidRx.MatchString(urlname) {
 				return xerrors.New("update devurl: name must be < 64 chars in length, begin with a letter and only contain letters or digits.")
 			}
-			entClient := requireAuth()
+			entClient := requireAuth(entclient.Me)
 
 			env, err := findEnv(entClient, envName)
 			if err != nil {
@@ -213,7 +214,7 @@ func removeDevURL(cmd *cobra.Command, args []string) error {
 		return xerrors.Errorf("validate port: %w", err)
 	}
 
-	entClient := requireAuth()
+	entClient := requireAuth(entclient.Me)
 	env, err := findEnv(entClient, envName)
 	if err != nil {
 		return err
@@ -240,7 +241,7 @@ func removeDevURL(cmd *cobra.Command, args []string) error {
 
 // urlList returns the list of active devURLs from the cemanager.
 func urlList(envName string) ([]DevURL, error) {
-	entClient := requireAuth()
+	entClient := requireAuth(entclient.Me)
 	env, err := findEnv(entClient, envName)
 	if err != nil {
 		return nil, err

cmd/coder/users.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"os"
 
+	"cdr.dev/coder-cli/internal/entclient"
 	"cdr.dev/coder-cli/internal/x/xtabwriter"
 	"github.com/spf13/cobra"
 	"golang.org/x/xerrors"
@@ -31,7 +32,7 @@ coder users ls -o json | jq .[] | jq -r .email`,
 
 func listUsers(outputFmt *string) func(cmd *cobra.Command, args []string) error {
 	return func(cmd *cobra.Command, args []string) error {
-		entClient := requireAuth()
+		entClient := requireAuth(entclient.Me)
 
 		users, err := entClient.Users()
 		if err != nil {

internal/entclient/client.go

@@ -6,10 +6,14 @@ import (
 	"net/url"
 )
 
+// Me is the route param to access resources of the authenticated user
+const Me = "me"
+
 // Client wraps the Coder HTTP API
 type Client struct {
 	BaseURL *url.URL
 	Token   string
+	UserID  string
 }
 
 func (c Client) copyURL() *url.URL {