2023-07-17 08:20:53 +00:00
1 changed files with 8 additions and 1 deletions
--- a/cmd/frostfs-cli/modules/bearer/create.go
+++ b/cmd/frostfs-cli/modules/bearer/create.go
@ -24,6 +24,7 @@ const (
 	ownerFlag          = "owner"
 	outFlag            = "out"
 	jsonFlag           = commonflags.JSON
+	impersonateFlag    = "impersonate"
 )

 var createCmd = &cobra.Command{
@ -39,15 +40,18 @@ is set to current epoch + n.
 }

 func init() {
-	createCmd.Flags().StringP(eaclFlag, "e", "", "Path to the extended ACL table")
+	createCmd.Flags().StringP(eaclFlag, "e", "", "Path to the extended ACL table (mutually exclusive with --impersonate flag)")
 	createCmd.Flags().StringP(issuedAtFlag, "i", "", "Epoch to issue token at")
 	createCmd.Flags().StringP(notValidBeforeFlag, "n", "", "Not valid before epoch")
 	createCmd.Flags().StringP(commonflags.ExpireAt, "x", "", "The last active epoch for the token")
 	createCmd.Flags().StringP(ownerFlag, "o", "", "Token owner")
 	createCmd.Flags().String(outFlag, "", "File to write token to")
 	createCmd.Flags().Bool(jsonFlag, false, "Output token in JSON")
+	createCmd.Flags().Bool(impersonateFlag, false, "Mark token as impersonate to consider the token signer as the request owner (mutually exclusive with --eacl flag)")
 	createCmd.Flags().StringP(commonflags.RPC, commonflags.RPCShorthand, commonflags.RPCDefault, commonflags.RPCUsage)

+	createCmd.MarkFlagsMutuallyExclusive(eaclFlag, impersonateFlag)
+
 	_ = cobra.MarkFlagFilename(createCmd.Flags(), eaclFlag)

 	_ = cobra.MarkFlagRequired(createCmd.Flags(), issuedAtFlag)
@ -101,6 +105,9 @@ func createToken(cmd *cobra.Command, _ []string) {
 	b.SetIat(iat)
 	b.ForUser(ownerID)

+	impersonate, _ := cmd.Flags().GetBool(impersonateFlag)
+	b.SetImpersonate(impersonate)
+
 	eaclPath, _ := cmd.Flags().GetString(eaclFlag)
 	if eaclPath != "" {
 		table := eaclSDK.NewTable()