Browse code
plugins: install should not automatically accept all permissions
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 4b70d4561e4a9b57d80b70cfebc50831e230735a)
Tibor Vass authored on 2016/06/18 01:12:37Showing 2 changed files
| ... | ... |
@@ -25,7 +25,7 @@ type pluginOptions struct {
|
| 25 | 25 |
func newInstallCommand(dockerCli *client.DockerCli) *cobra.Command {
|
| 26 | 26 |
var options pluginOptions |
| 27 | 27 |
cmd := &cobra.Command{
|
| 28 |
- Use: "install", |
|
| 28 |
+ Use: "install PLUGIN", |
|
| 29 | 29 |
Short: "Install a plugin", |
| 30 | 30 |
Args: cli.RequiresMinArgs(1), // TODO: allow for set args |
| 31 | 31 |
RunE: func(cmd *cobra.Command, args []string) error {
|
| ... | ... |
@@ -35,7 +35,7 @@ func newInstallCommand(dockerCli *client.DockerCli) *cobra.Command {
|
| 35 | 35 |
} |
| 36 | 36 |
|
| 37 | 37 |
flags := cmd.Flags() |
| 38 |
- flags.BoolVar(&options.grantPerms, "grant-all-permissions", true, "grant all permissions necessary to run the plugin") |
|
| 38 |
+ flags.BoolVar(&options.grantPerms, "grant-all-permissions", false, "grant all permissions necessary to run the plugin") |
|
| 39 | 39 |
flags.BoolVar(&options.disable, "disable", false, "do not enable the plugin on install") |
| 40 | 40 |
|
| 41 | 41 |
return cmd |
| ... | ... |
@@ -62,14 +62,15 @@ func runInstall(dockerCli *client.DockerCli, opts pluginOptions) error {
|
| 62 | 62 |
return err |
| 63 | 63 |
} |
| 64 | 64 |
|
| 65 |
- requestPrivilege := dockerCli.RegistryAuthenticationPrivilegedFunc(repoInfo.Index, "plugin install") |
|
| 65 |
+ registryAuthFunc := dockerCli.RegistryAuthenticationPrivilegedFunc(repoInfo.Index, "plugin install") |
|
| 66 | 66 |
|
| 67 | 67 |
options := types.PluginInstallOptions{
|
| 68 | 68 |
RegistryAuth: encodedAuth, |
| 69 | 69 |
Disabled: opts.disable, |
| 70 | 70 |
AcceptAllPermissions: opts.grantPerms, |
| 71 | 71 |
AcceptPermissionsFunc: acceptPrivileges(dockerCli, opts.name), |
| 72 |
- PrivilegeFunc: requestPrivilege, |
|
| 72 |
+ // TODO: Rename PrivilegeFunc, it has nothing to do with privileges |
|
| 73 |
+ PrivilegeFunc: registryAuthFunc, |
|
| 73 | 74 |
} |
| 74 | 75 |
|
| 75 | 76 |
return dockerCli.Client().PluginInstall(ctx, ref.String(), options) |
| ... | ... |
@@ -77,7 +78,7 @@ func runInstall(dockerCli *client.DockerCli, opts pluginOptions) error {
|
| 77 | 77 |
|
| 78 | 78 |
func acceptPrivileges(dockerCli *client.DockerCli, name string) func(privileges types.PluginPrivileges) (bool, error) {
|
| 79 | 79 |
return func(privileges types.PluginPrivileges) (bool, error) {
|
| 80 |
- fmt.Fprintf(dockerCli.Out(), "Plugin %q requested the following privileges:\n", name) |
|
| 80 |
+ fmt.Fprintf(dockerCli.Out(), "Plugin %q is requesting the following privileges:\n", name) |
|
| 81 | 81 |
for _, privilege := range privileges {
|
| 82 | 82 |
fmt.Fprintf(dockerCli.Out(), " - %s: %v\n", privilege.Name, privilege.Value) |
| 83 | 83 |
} |
| ... | ... |
@@ -11,7 +11,7 @@ func (s *DockerSuite) TestPluginBasicOps(c *check.C) {
|
| 11 | 11 |
tag := "latest" |
| 12 | 12 |
nameWithTag := name + ":" + tag |
| 13 | 13 |
|
| 14 |
- _, _, err := dockerCmdWithError("plugin", "install", name)
|
|
| 14 |
+ _, _, err := dockerCmdWithError("plugin", "install", "--grant-all-permissions", name)
|
|
| 15 | 15 |
c.Assert(err, checker.IsNil) |
| 16 | 16 |
|
| 17 | 17 |
out, _, err := dockerCmdWithError("plugin", "ls")
|
| ... | ... |
@@ -41,7 +41,7 @@ func (s *DockerSuite) TestPluginInstallDisable(c *check.C) {
|
| 41 | 41 |
tag := "latest" |
| 42 | 42 |
nameWithTag := name + ":" + tag |
| 43 | 43 |
|
| 44 |
- _, _, err := dockerCmdWithError("plugin", "install", name, "--disable")
|
|
| 44 |
+ _, _, err := dockerCmdWithError("plugin", "install", "--grant-all-permissions", "--disable", name)
|
|
| 45 | 45 |
c.Assert(err, checker.IsNil) |
| 46 | 46 |
|
| 47 | 47 |
out, _, err := dockerCmdWithError("plugin", "ls")
|