authkit/cmd/perms/main.go

// Command perms is the seeding CLI for authkit permissions.
//
//	perms create <slug> [--label "..."]
//	perms list
//	perms delete <slug>
//
// Database connection comes from --dsn or $AUTHKIT_DATABASE_URL.
package main

import (
	"context"
	"errors"
	"fmt"
	"os"

	"git.juancwu.dev/juancwu/authkit/cmd/internal/clihelp"
)

func main() {
	if len(os.Args) < 2 {
		usage()
		os.Exit(2)
	}
	sub := os.Args[1]
	args := os.Args[2:]

	switch sub {
	case "create":
		runCreate(args)
	case "list":
		runList(args)
	case "delete", "rm":
		runDelete(args)
	case "-h", "--help", "help":
		usage()
	default:
		fmt.Fprintf(os.Stderr, "unknown subcommand %q\n\n", sub)
		usage()
		os.Exit(2)
	}
}

func usage() {
	fmt.Fprintln(os.Stderr, `usage: perms <subcommand> [args]

Subcommands:
  create <slug> [--label "..."]   create a permission
  list                            list every permission
  delete <slug>                   delete a permission

Common flags:
  --dsn  PostgreSQL DSN (defaults to $AUTHKIT_DATABASE_URL)`)
}

func runCreate(args []string) {
	fs, dsn := clihelp.DSNFlag("perms create")
	label := fs.String("label", "", "optional human label")
	_ = fs.Parse(args)

	rest := fs.Args()
	if len(rest) != 1 {
		clihelp.Fail(errors.New("create takes exactly one slug argument"))
	}
	ctx := context.Background()
	a, db, err := clihelp.Dial(ctx, *dsn)
	if err != nil {
		clihelp.Fail(err)
	}
	defer db.Close()

	p, err := a.CreatePermission(ctx, rest[0], *label)
	if err != nil {
		clihelp.Fail(err)
	}
	fmt.Printf("created permission %s (id=%s, label=%q)\n", p.Slug, p.ID, p.Label)
}

func runList(args []string) {
	fs, dsn := clihelp.DSNFlag("perms list")
	_ = fs.Parse(args)
	ctx := context.Background()
	a, db, err := clihelp.Dial(ctx, *dsn)
	if err != nil {
		clihelp.Fail(err)
	}
	defer db.Close()

	perms, err := a.ListPermissions(ctx)
	if err != nil {
		clihelp.Fail(err)
	}
	for _, p := range perms {
		fmt.Printf("%s\t%s\n", p.Slug, p.Label)
	}
}

func runDelete(args []string) {
	fs, dsn := clihelp.DSNFlag("perms delete")
	_ = fs.Parse(args)
	rest := fs.Args()
	if len(rest) != 1 {
		clihelp.Fail(errors.New("delete takes exactly one slug argument"))
	}
	ctx := context.Background()
	a, db, err := clihelp.Dial(ctx, *dsn)
	if err != nil {
		clihelp.Fail(err)
	}
	defer db.Close()
	if err := a.DeletePermission(ctx, rest[0]); err != nil {
		clihelp.Fail(err)
	}
	fmt.Printf("deleted permission %s\n", rest[0])
}