Add CLI commands for global permission management (#2091)

Add CLI commands for permission management for users and groups.

Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>

scm-webapp/src/main/java/sonia/scm/cli/PermissionDescriptionResolver.java

@@ -35,6 +35,8 @@ import static java.util.Optional.empty;
 import static java.util.Optional.of;
 
 public class PermissionDescriptionResolver {
+
+  private static final String DISPLAYNAME = "displayName";
   private final I18nCollector i18nCollector;
   private final Locale locale;
 
@@ -44,12 +46,21 @@ public class PermissionDescriptionResolver {
   }
 
   public Optional<String> getDescription(String verb) {
+    collectI18nJson();
+    return getVerbDescriptionFromI18nBundle(verb);
+  }
+
+  public Optional<String> getGlobalDescription(String verb) {
+    collectI18nJson();
+    return getGlobalVerbDescriptionFromI18nBundle(verb);
+  }
+
+  private void collectI18nJson() {
     try {
       i18nCollector.findJson(locale.getLanguage());
     } catch (IOException e) {
       throw new RuntimeException("failed to load i18n package", e);
     }
-    return getVerbDescriptionFromI18nBundle(verb);
   }
 
   private Optional<String> getVerbDescriptionFromI18nBundle(String verb) {
@@ -74,11 +85,86 @@ public class PermissionDescriptionResolver {
     if (permissionNode == null) {
       return empty();
     }
-    JsonNode displayNameNode = permissionNode.get("displayName");
+    JsonNode displayNameNode = permissionNode.get(DISPLAYNAME);
     if (displayNameNode == null) {
       return empty();
     }
 
     return of(displayNameNode.asText());
   }
+
+  private Optional<String> getGlobalVerbDescriptionFromI18nBundle(String verb) {
+    String[] verbParts = verb.split(":");
+
+    Optional<JsonNode> jsonNode;
+    try {
+      jsonNode = i18nCollector.findJson(locale.getLanguage());
+    } catch (IOException e) {
+      return empty();
+    }
+    if (jsonNode.isEmpty()) {
+      return empty();
+    }
+    JsonNode permissionsNode = jsonNode.get().get("permissions");
+    if (permissionsNode == null) {
+      return empty();
+    }
+    if (verbParts.length == 1) {
+      return resolveSinglePartPermission(verb, permissionsNode);
+    } else if (verbParts.length == 2) {
+      return resolveTwoPartPermission(verbParts, permissionsNode);
+    } else if (verbParts.length == 3) {
+      return resolveThreePartPermission(verbParts, permissionsNode);
+    }
+
+    return empty();
+  }
+
+  private Optional<String> resolveSinglePartPermission(String verb, JsonNode permissionsNode) {
+    JsonNode firstNode = permissionsNode.get(verb);
+    if (firstNode == null) {
+      return empty();
+    }
+    JsonNode displayNameNode = firstNode.get(DISPLAYNAME);
+    if (displayNameNode == null) {
+      return empty();
+    }
+    return of(displayNameNode.asText());
+  }
+
+  private Optional<String> resolveTwoPartPermission(String[] verbParts, JsonNode permissionsNode) {
+    JsonNode firstNode = permissionsNode.get(verbParts[0]);
+    if (firstNode == null) {
+      return empty();
+    }
+    JsonNode secondNode = firstNode.get(verbParts[1]);
+    if (secondNode == null) {
+      return empty();
+    }
+    JsonNode displayNameNode = secondNode.get(DISPLAYNAME);
+    if (displayNameNode == null) {
+      return empty();
+    }
+    return of(displayNameNode.asText());
+  }
+
+  private Optional<String> resolveThreePartPermission(String[] verbParts, JsonNode permissionsNode) {
+    JsonNode firstNode = permissionsNode.get(verbParts[0]);
+    if (firstNode == null) {
+      return empty();
+    }
+    JsonNode secondNode = firstNode.get(verbParts[1]);
+    if (secondNode == null) {
+      return empty();
+    }
+    JsonNode thirdNode = secondNode.get(verbParts[2]);
+    if (thirdNode == null) {
+      return empty();
+    }
+    JsonNode displayNameNode = thirdNode.get(DISPLAYNAME);
+    if (displayNameNode == null) {
+      return empty();
+    }
+    return of(displayNameNode.asText());
+  }
 }

scm-webapp/src/main/java/sonia/scm/group/cli/GroupPermissionAddCommand.java

@@ -0,0 +1,94 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.group.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.group.Group;
+import sonia.scm.group.GroupManager;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+
+import javax.inject.Inject;
+import java.util.Collection;
+
+@ParentCommand(value = GroupCommand.class)
+@CommandLine.Command(name = "add-permissions")
+class GroupPermissionAddCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<name>", descriptionKey = "scm.group.name")
+  private String name;
+
+  @CommandLine.Parameters(index = "1..", arity = "1..", paramLabel = "<permission>", descriptionKey = "scm.group.permissions")
+  private String[] addedPermissions;
+
+  @CommandLine.Mixin
+  private final GroupTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final GroupManager groupManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  GroupPermissionAddCommand(GroupTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, GroupManager groupManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.groupManager = groupManager;
+  }
+
+  @Override
+  public void run() {
+    Group group = groupManager.get(name);
+    if (group == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    }
+    Collection<PermissionDescriptor> permissions = permissionAssigner.readPermissionsForGroup(name);
+    for (String addedPermission : addedPermissions) {
+      if (isPermissionInvalid(addedPermission)) {
+        templateRenderer.renderUnknownPermissionError(addedPermission);
+        return;
+      }
+      permissions.add(new PermissionDescriptor(addedPermission));
+    }
+    permissionAssigner.setPermissionsForGroup(name, permissions);
+  }
+
+  private boolean isPermissionInvalid(String permission) {
+    return permissionAssigner.getAvailablePermissions()
+      .stream()
+      .noneMatch(p -> p.getValue().equals(permission));
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+  @VisibleForTesting
+  void setAddedPermissions(String[] addedPermissions) {
+    this.addedPermissions = addedPermissions;
+  }
+}

scm-webapp/src/main/java/sonia/scm/group/cli/GroupPermissionAvailableCommand.java

@@ -0,0 +1,73 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.group.cli;
+
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.cli.PermissionDescriptionResolver;
+import sonia.scm.cli.Table;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+
+import javax.inject.Inject;
+import java.util.Collection;
+import java.util.Map;
+
+@ParentCommand(value = GroupCommand.class)
+@CommandLine.Command(name = "available-permissions")
+class GroupPermissionAvailableCommand implements Runnable {
+
+  private static final String TABLE_TEMPLATE = String.join("\n",
+    "{{#rows}}",
+    "{{#cols}}{{#row.first}}{{#upper}}{{value}}{{/upper}}{{/row.first}}{{^row.first}}{{value}}{{/row.first}}{{^last}} {{/last}}{{/cols}}",
+    "{{/rows}}"
+  );
+
+  @CommandLine.Mixin
+  private final GroupTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final PermissionDescriptionResolver descriptionResolver;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  GroupPermissionAvailableCommand(GroupTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, PermissionDescriptionResolver descriptionResolver) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.descriptionResolver = descriptionResolver;
+  }
+
+  @Override
+  public void run() {
+    Collection<PermissionDescriptor> availablePermissions = permissionAssigner.getAvailablePermissions();
+    Table table = templateRenderer.createTable();
+    table.addHeader("value", "description");
+    for (PermissionDescriptor descriptor : availablePermissions) {
+      String verb = descriptor.getValue();
+      table.addRow(verb, descriptionResolver.getGlobalDescription(verb).orElse(verb));
+    }
+    templateRenderer.renderToStdout(TABLE_TEMPLATE, Map.of("rows", table, "permissions", availablePermissions));
+  }
+}

scm-webapp/src/main/java/sonia/scm/group/cli/GroupPermissionClearCommand.java

@@ -0,0 +1,72 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.group.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.group.Group;
+import sonia.scm.group.GroupManager;
+import sonia.scm.security.PermissionAssigner;
+
+import javax.inject.Inject;
+import java.util.Collections;
+
+@ParentCommand(value = GroupCommand.class)
+@CommandLine.Command(name = "clear-permissions")
+class GroupPermissionClearCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<name>", descriptionKey = "scm.group.name")
+  private String name;
+
+  @CommandLine.Mixin
+  private final GroupTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final GroupManager groupManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  GroupPermissionClearCommand(GroupTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, GroupManager groupManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.groupManager = groupManager;
+  }
+
+  @Override
+  public void run() {
+    Group group = groupManager.get(name);
+    if (group == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    }
+    permissionAssigner.setPermissionsForGroup(name, Collections.emptyList());
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+}

scm-webapp/src/main/java/sonia/scm/group/cli/GroupPermissionListCommand.java

@@ -0,0 +1,106 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.group.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.cli.PermissionDescriptionResolver;
+import sonia.scm.group.Group;
+import sonia.scm.group.GroupManager;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+
+import javax.inject.Inject;
+import java.util.Collection;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@ParentCommand(value = GroupCommand.class)
+@CommandLine.Command(name = "list-permissions")
+class GroupPermissionListCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<name>", descriptionKey = "scm.group.name")
+  private String name;
+
+  @CommandLine.Option(names = {"--keys", "-k"}, descriptionKey = "scm.group.list-permissions.keys")
+  private boolean keys;
+
+  @CommandLine.Mixin
+  private final GroupTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final PermissionDescriptionResolver descriptionResolver;
+  private final GroupManager groupManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+
+  @Inject
+  GroupPermissionListCommand(GroupTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, PermissionDescriptionResolver descriptionResolver, GroupManager groupManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.descriptionResolver = descriptionResolver;
+    this.groupManager = groupManager;
+  }
+
+
+  @Override
+  public void run() {
+    Collection<PermissionDescriptor> permissions;
+    Group group = groupManager.get(name);
+    if (group == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    } else {
+      permissions = permissionAssigner.readPermissionsForGroup(name);
+    }
+    if (keys) {
+      templateRenderer.render(resolvePermissions(permissions));
+    } else {
+      templateRenderer.render(resolvePermissionDescriptions(permissions));
+    }
+  }
+
+  private List<String> resolvePermissions(Collection<PermissionDescriptor> permissions) {
+    return permissions.stream().map(PermissionDescriptor::getValue).collect(Collectors.toList());
+  }
+
+  private List<String> resolvePermissionDescriptions(Collection<PermissionDescriptor> permissions) {
+    return permissions.stream()
+      .map(p -> descriptionResolver.getGlobalDescription(p.getValue()).orElse(p.getValue()))
+      .collect(Collectors.toList());
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+
+  @VisibleForTesting
+  void setKeys(boolean keys) {
+    this.keys = keys;
+  }
+}
+

scm-webapp/src/main/java/sonia/scm/group/cli/GroupPermissionRemoveCommand.java

@@ -0,0 +1,93 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.group.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.group.Group;
+import sonia.scm.group.GroupManager;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+
+import javax.inject.Inject;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@ParentCommand(value = GroupCommand.class)
+@CommandLine.Command(name = "remove-permissions")
+class GroupPermissionRemoveCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<name>", descriptionKey = "scm.group.name")
+  private String name;
+
+  @CommandLine.Parameters(index = "1..", arity = "1..", paramLabel = "<permission>", descriptionKey = "scm.group.permissions")
+  private String[] removedPermissions;
+
+  @CommandLine.Mixin
+  private final GroupTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final GroupManager groupManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  GroupPermissionRemoveCommand(GroupTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, GroupManager groupManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.groupManager = groupManager;
+  }
+
+  @Override
+  public void run() {
+    Group group = groupManager.get(name);
+    if (group == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    }
+    Collection<PermissionDescriptor> permissions = permissionAssigner.readPermissionsForGroup(name);
+    permissionAssigner.setPermissionsForGroup(name, getReducedPermissions(permissions));
+  }
+
+  private List<PermissionDescriptor> getReducedPermissions(Collection<PermissionDescriptor> permissions) {
+    return permissions.stream()
+      .filter(p -> Arrays.stream(removedPermissions)
+        .noneMatch(rp -> rp.equals(p.getValue()))
+      )
+      .collect(Collectors.toList());
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+
+  @VisibleForTesting
+  void setRemovedPermissions(String[] removedPermissions) {
+    this.removedPermissions = removedPermissions;
+  }
+}

scm-webapp/src/main/java/sonia/scm/group/cli/GroupTemplateRenderer.java

@@ -33,18 +33,29 @@ import sonia.scm.group.Group;
 import sonia.scm.template.TemplateEngineFactory;
 
 import javax.inject.Inject;
+import java.util.Collection;
 import java.util.Collections;
+import java.util.Map;
+
+import static java.util.Map.entry;
 
 class GroupTemplateRenderer extends TemplateRenderer {
 
-  private static final String NOT_FOUND_TEMPLATE = "{{i18n.groupNotFound}}";
+  private static final String NOT_FOUND_TEMPLATE = "{{i18n.groupNotFound}}\n";
 
+  private static final String UNKNOWN_PERMISSION_TEMPLATE = "{{i18n.permissionUnknown}}: {{permission}}\n";
   private static final String DETAILS_TABLE_TEMPLATE = String.join("\n",
     "{{#rows}}",
     "{{#cols}}{{value}}{{/cols}}",
     "{{/rows}}"
   );
 
+  private static final String PERMISSION_LIST_TEMPLATE = String.join("\n",
+    "{{#permissions}}",
+    "{{.}}",
+    "{{/permissions}}"
+  );
+
   private final GroupCommandBeanMapper mapper;
 
   @Inject
@@ -72,4 +83,13 @@ class GroupTemplateRenderer extends TemplateRenderer {
     renderToStderr(NOT_FOUND_TEMPLATE, Collections.emptyMap());
     getContext().exit(ExitCode.NOT_FOUND);
   }
+
+  void renderUnknownPermissionError(String permission) {
+    renderToStderr(UNKNOWN_PERMISSION_TEMPLATE, Map.of("permission", permission));
+    getContext().exit(ExitCode.USAGE);
+  }
+
+  void render(Collection<String> permissions) {
+    renderToStdout(PERMISSION_LIST_TEMPLATE, Map.ofEntries(entry("permissions", permissions)));
+  }
 }

scm-webapp/src/main/java/sonia/scm/user/cli/UserPermissionAddCommand.java

@@ -0,0 +1,94 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.user.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+import sonia.scm.user.User;
+import sonia.scm.user.UserManager;
+
+import javax.inject.Inject;
+import java.util.Collection;
+
+@ParentCommand(value = UserCommand.class)
+@CommandLine.Command(name = "add-permissions")
+class UserPermissionAddCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<username>", descriptionKey = "scm.user.name")
+  private String name;
+
+  @CommandLine.Parameters(index = "1..", arity = "1..", paramLabel = "<permission>", descriptionKey = "scm.user.permissions")
+  private String[] addedPermissions;
+
+  @CommandLine.Mixin
+  private final UserTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final UserManager userManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  UserPermissionAddCommand(UserTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, UserManager userManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.userManager = userManager;
+  }
+
+  @Override
+  public void run() {
+    User user = userManager.get(name);
+    if (user == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    }
+    Collection<PermissionDescriptor> permissions = permissionAssigner.readPermissionsForUser(name);
+    for (String addedPermission : addedPermissions) {
+      if (isPermissionInvalid(addedPermission)) {
+        templateRenderer.renderUnknownPermissionError(addedPermission);
+        return;
+      }
+      permissions.add(new PermissionDescriptor(addedPermission));
+    }
+    permissionAssigner.setPermissionsForUser(name, permissions);
+  }
+
+  private boolean isPermissionInvalid(String permission) {
+    return permissionAssigner.getAvailablePermissions()
+      .stream()
+      .noneMatch(p -> p.getValue().equals(permission));
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+  @VisibleForTesting
+  void setAddedPermissions(String[] addedPermissions) {
+    this.addedPermissions = addedPermissions;
+  }
+}

scm-webapp/src/main/java/sonia/scm/user/cli/UserPermissionAvailableCommand.java

@@ -0,0 +1,73 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.user.cli;
+
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.cli.PermissionDescriptionResolver;
+import sonia.scm.cli.Table;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+
+import javax.inject.Inject;
+import java.util.Collection;
+import java.util.Map;
+
+@ParentCommand(value = UserCommand.class)
+@CommandLine.Command(name = "available-permissions")
+class UserPermissionAvailableCommand implements Runnable {
+
+  private static final String TABLE_TEMPLATE = String.join("\n",
+    "{{#rows}}",
+    "{{#cols}}{{#row.first}}{{#upper}}{{value}}{{/upper}}{{/row.first}}{{^row.first}}{{value}}{{/row.first}}{{^last}} {{/last}}{{/cols}}",
+    "{{/rows}}"
+  );
+
+  @CommandLine.Mixin
+  private final UserTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final PermissionDescriptionResolver descriptionResolver;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  UserPermissionAvailableCommand(UserTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, PermissionDescriptionResolver descriptionResolver) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.descriptionResolver = descriptionResolver;
+  }
+
+  @Override
+  public void run() {
+    Collection<PermissionDescriptor> availablePermissions = permissionAssigner.getAvailablePermissions();
+    Table table = templateRenderer.createTable();
+    table.addHeader("value", "description");
+    for (PermissionDescriptor descriptor : availablePermissions) {
+      String verb = descriptor.getValue();
+      table.addRow(verb, descriptionResolver.getGlobalDescription(verb).orElse(verb));
+    }
+    templateRenderer.renderToStdout(TABLE_TEMPLATE, Map.of("rows", table, "permissions", availablePermissions));
+  }
+}

scm-webapp/src/main/java/sonia/scm/user/cli/UserPermissionClearCommand.java

@@ -0,0 +1,72 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.user.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.user.User;
+import sonia.scm.user.UserManager;
+
+import javax.inject.Inject;
+import java.util.Collections;
+
+@ParentCommand(value = UserCommand.class)
+@CommandLine.Command(name = "clear-permissions")
+class UserPermissionClearCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<username>", descriptionKey = "scm.user.name")
+  private String name;
+
+  @CommandLine.Mixin
+  private final UserTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final UserManager userManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  UserPermissionClearCommand(UserTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, UserManager userManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.userManager = userManager;
+  }
+
+  @Override
+  public void run() {
+    User user = userManager.get(name);
+    if (user == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    }
+    permissionAssigner.setPermissionsForUser(name, Collections.emptyList());
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+}

scm-webapp/src/main/java/sonia/scm/user/cli/UserPermissionListCommand.java

@@ -0,0 +1,104 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.user.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.cli.PermissionDescriptionResolver;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+import sonia.scm.user.User;
+import sonia.scm.user.UserManager;
+
+import javax.inject.Inject;
+import java.util.Collection;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@ParentCommand(value = UserCommand.class)
+@CommandLine.Command(name = "list-permissions")
+class UserPermissionListCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<username>", descriptionKey = "scm.user.username")
+  private String name;
+
+  @CommandLine.Option(names = {"--keys", "-k"}, descriptionKey = "scm.user.list-permissions.keys")
+  private boolean keys;
+
+  @CommandLine.Mixin
+  private final UserTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final PermissionDescriptionResolver descriptionResolver;
+  private final UserManager userManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+
+  @Inject
+  UserPermissionListCommand(UserTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, PermissionDescriptionResolver descriptionResolver, UserManager userManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.descriptionResolver = descriptionResolver;
+    this.userManager = userManager;
+  }
+
+  @Override
+  public void run() {
+    Collection<PermissionDescriptor> permissions;
+    User user = userManager.get(name);
+    if (user == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    }
+    permissions = permissionAssigner.readPermissionsForUser(name);
+
+    if (keys) {
+      templateRenderer.render(resolvePermissions(permissions));
+    } else {
+      templateRenderer.render(resolvePermissionDescriptions(permissions));
+    }
+  }
+
+  private List<String> resolvePermissions(Collection<PermissionDescriptor> permissions) {
+    return permissions.stream().map(PermissionDescriptor::getValue).collect(Collectors.toList());
+  }
+
+  private List<String> resolvePermissionDescriptions(Collection<PermissionDescriptor> permissions) {
+    return permissions.stream()
+      .map(p -> descriptionResolver.getGlobalDescription(p.getValue()).orElse(p.getValue()))
+      .collect(Collectors.toList());
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+
+  @VisibleForTesting
+  void setKeys(boolean keys) {
+    this.keys = keys;
+  }
+}

scm-webapp/src/main/java/sonia/scm/user/cli/UserPermissionRemoveCommand.java

@@ -0,0 +1,93 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.user.cli;
+
+import com.google.common.annotations.VisibleForTesting;
+import picocli.CommandLine;
+import sonia.scm.cli.ParentCommand;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+import sonia.scm.user.User;
+import sonia.scm.user.UserManager;
+
+import javax.inject.Inject;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
+import java.util.stream.Collectors;
+
+@ParentCommand(value = UserCommand.class)
+@CommandLine.Command(name = "remove-permissions")
+class UserPermissionRemoveCommand implements Runnable {
+
+  @CommandLine.Parameters(index = "0", paramLabel = "<username>", descriptionKey = "scm.user.name")
+  private String name;
+
+  @CommandLine.Parameters(index = "1..", arity = "1..", paramLabel = "<permission>", descriptionKey = "scm.user.permissions")
+  private String[] removedPermissions;
+
+  @CommandLine.Mixin
+  private final UserTemplateRenderer templateRenderer;
+  private final PermissionAssigner permissionAssigner;
+  private final UserManager userManager;
+  @CommandLine.Spec
+  private CommandLine.Model.CommandSpec spec;
+
+  @Inject
+  UserPermissionRemoveCommand(UserTemplateRenderer templateRenderer, PermissionAssigner permissionAssigner, UserManager userManager) {
+    this.templateRenderer = templateRenderer;
+    this.permissionAssigner = permissionAssigner;
+    this.userManager = userManager;
+  }
+
+  @Override
+  public void run() {
+    User user = userManager.get(name);
+    if (user == null) {
+      templateRenderer.renderNotFoundError();
+      return;
+    }
+    Collection<PermissionDescriptor> permissions = permissionAssigner.readPermissionsForUser(name);
+    permissionAssigner.setPermissionsForUser(name, getReducedPermissions(permissions));
+  }
+
+  private List<PermissionDescriptor> getReducedPermissions(Collection<PermissionDescriptor> permissions) {
+    return permissions.stream()
+      .filter(p -> Arrays.stream(removedPermissions)
+        .noneMatch(rp -> rp.equals(p.getValue()))
+      )
+      .collect(Collectors.toList());
+  }
+
+  @VisibleForTesting
+  void setName(String name) {
+    this.name = name;
+  }
+
+  @VisibleForTesting
+  void setRemovedPermissions(String[] removedPermissions) {
+    this.removedPermissions = removedPermissions;
+  }
+}

scm-webapp/src/main/java/sonia/scm/user/cli/UserTemplateRenderer.java

@@ -33,7 +33,11 @@ import sonia.scm.template.TemplateEngineFactory;
 import sonia.scm.user.User;
 
 import javax.inject.Inject;
-import java.util.Collections;
+import java.util.Collection;
+import java.util.Map;
+
+import static java.util.Collections.emptyMap;
+import static java.util.Map.entry;
 
 class UserTemplateRenderer extends TemplateRenderer {
 
@@ -42,10 +46,19 @@ class UserTemplateRenderer extends TemplateRenderer {
     "{{#cols}}{{value}}{{/cols}}",
     "{{/rows}}"
   );
-  private static final String PASSWORD_ERROR_TEMPLATE = "{{i18n.scmUserErrorPassword}}";
-  private static final String EXTERNAL_ACTIVATE_TEMPLATE = "{{i18n.scmUserErrorExternalActivate}}";
-  private static final String EXTERNAL_DEACTIVATE_TEMPLATE = "{{i18n.scmUserErrorExternalDeactivate}}";
-  private static final String NOT_FOUND_TEMPLATE = "{{i18n.scmUserErrorNotFound}}";
+
+  private static final String PERMISSION_LIST_TEMPLATE = String.join("\n",
+    "{{#permissions}}",
+    "{{.}}",
+    "{{/permissions}}"
+  );
+
+  private static final String PASSWORD_ERROR_TEMPLATE = "{{i18n.scmUserErrorPassword}}\n";
+  private static final String EXTERNAL_ACTIVATE_TEMPLATE = "{{i18n.scmUserErrorExternalActivate}}\n";
+  private static final String EXTERNAL_DEACTIVATE_TEMPLATE = "{{i18n.scmUserErrorExternalDeactivate}}\n";
+  private static final String NOT_FOUND_TEMPLATE = "{{i18n.scmUserErrorNotFound}}\n";
+  private static final String UNKNOWN_PERMISSION_TEMPLATE = "{{i18n.permissionUnknown}}: {{permission}}\n";
+
 
   private final CliContext context;
   private final UserCommandBeanMapper mapper;
@@ -74,26 +87,35 @@ class UserTemplateRenderer extends TemplateRenderer {
   }
 
   public void renderPasswordError() {
-    renderToStderr(PASSWORD_ERROR_TEMPLATE, Collections.emptyMap());
+    renderToStderr(PASSWORD_ERROR_TEMPLATE, emptyMap());
     context.getStderr().println();
     context.exit(ExitCode.USAGE);
   }
 
   public void renderExternalActivateError() {
-    renderToStderr(EXTERNAL_ACTIVATE_TEMPLATE, Collections.emptyMap());
+    renderToStderr(EXTERNAL_ACTIVATE_TEMPLATE, emptyMap());
     context.getStderr().println();
     context.exit(ExitCode.USAGE);
   }
 
   public void renderExternalDeactivateError() {
-    renderToStderr(EXTERNAL_DEACTIVATE_TEMPLATE, Collections.emptyMap());
+    renderToStderr(EXTERNAL_DEACTIVATE_TEMPLATE, emptyMap());
     context.getStderr().println();
     context.exit(ExitCode.USAGE);
   }
 
   public void renderNotFoundError() {
-    renderToStderr(NOT_FOUND_TEMPLATE, Collections.emptyMap());
+    renderToStderr(NOT_FOUND_TEMPLATE, emptyMap());
     context.getStderr().println();
     context.exit(ExitCode.NOT_FOUND);
   }
+
+  void renderUnknownPermissionError(String permission) {
+    renderToStderr(UNKNOWN_PERMISSION_TEMPLATE, Map.of("permission", permission));
+    getContext().exit(ExitCode.USAGE);
+  }
+
+  public void render(Collection<String> permissions) {
+    renderToStdout(PERMISSION_LIST_TEMPLATE, Map.ofEntries(entry("permissions", permissions)));
+  }
 }