2 changes: 1 addition & 1 deletion VERSION
@@ -1 +1 @@
3.0.0
3.0.1
Contributor


We shouldn't change this file in pull requests. It will be changed when a new version is released.

2 changes: 2 additions & 0 deletions lib/nexus_cli.rb
Expand Up @@ -30,6 +30,8 @@ module NexusCli
autoload :LoggingActions, 'nexus_cli/mixins/logging_actions'
autoload :CustomMetadataActions, 'nexus_cli/mixins/pro/custom_metadata_actions'
autoload :SmartProxyActions, 'nexus_cli/mixins/pro/smart_proxy_actions'
autoload :RoleMappingActions, 'nexus_cli/mixins/role_mapping_actions'
autoload :LdapActions, 'nexus_cli/mixins/ldap_actions'

class << self
def root
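--- a/lib/nexus_cli/mixins/ldap_actions.rb
+++ b/lib/nexus_cli/mixins/ldap_actions.rb
@@ -0,0 +1,43 @@
+require 'json'
+
+module NexusCli
+# @author Ilja Bobkevic <ilja.bobkevic@gmail.com>
+module LdapActions
+
+# Set provided LDAP connection information
+#
+# @param params [Hash] a Hash of parameters for connection information
+#
+# @return [Boolean] true if the connection information was set, false otherwise
+def set_ldap_connection_info(params)
+response = nexus.put(nexus_url("service/local/ldap/conn_info"), :body => create_data(params), :header => DEFAULT_CONTENT_TYPE_HEADER)
+case response.status
+when 200
+return true
+else
+raise UnexpectedStatusCodeException.new(reponse.code)
+end
+end
+
+# Set provided LDAP user and group configuration
+#
+# @param params [Hash] a Hash of parameters for user and group configuration
+#
+# @return [Boolean] true if the user and group configuration was set, false otherwise
+def set_ldap_user_group_configuration(params)
+response = nexus.put(nexus_url("service/local/ldap/user_group_conf"), :body => create_data(params), :header => DEFAULT_CONTENT_TYPE_HEADER)
+case response.status
+when 200
+return true
+else
+raise UnexpectedStatusCodeException.new(reponse.code)
+end
+end
+
+private
+
+def create_data(params)
+JSON.dump(:data => params)
+end
+end
+end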
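Review bot: The else branches of set_ldap_connection_info and set_ldap_user_group_configuration raise `UnexpectedStatusCodeException.new(reponse.code)`, but no `reponse` local exists, so any non-200 reply ends in a NameError instead of the intended exception and the real status code is lost. The same misspelling is in create_role_mapping in role_mapping_actions.rb; delete_role_mapping in that file already has the form to copy, `raise UnexpectedStatusCodeException.new(response.status)`. The `@return` tags also promise `false otherwise`, yet both methods only return true or raise, so the tags should say that a non-200 status raises.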
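--- a/lib/nexus_cli/mixins/role_mapping_actions.rb
+++ b/lib/nexus_cli/mixins/role_mapping_actions.rb
@@ -0,0 +1,48 @@
+require 'json'
+
+module NexusCli
+# @author Ilja Bobkevic <ilja.bobkevic@gmail.com>
+module RoleMappingActions
+
+# Creates a User to role mapping within given source
+#
+# @param params [Hash] a Hash of parameters to use during user to role mapping creation
+#
+# @return [Boolean] true if the user to role mapping is created, false otherwise
+def create_role_mapping(params)
+response = nexus.put(nexus_url("service/local/user_to_roles/#{params[:source]}/#{params[:userId]}"), :body => create_user_json(params), :header => DEFAULT_CONTENT_TYPE_HEADER)
+case response.status
+when 204
+return true
+when 404
+raise UserNotFoundException.new(params[:userId])
+else
+raise UnexpectedStatusCodeException.new(reponse.code)
+end
+end
+
+# Deletes the Nexus user to role mapping from define source and with the given user id.
+#
+# @param realm [String] the mapping realm, e.g. LDAP
+# @param user_id [String] the Nexus user to role mapping to delete
+#
+# @return [Boolean] true if the user to role mapping is deleted, false otherwise
+def delete_role_mapping(realm, mapping_id)
+response = nexus.delete(nexus_url("service/local/user_to_roles/#{realm}/#{mapping_id}"))
+case response.status
+when 204
+return true
+when 404
+raise UserNotFoundException.new(mapping_id)
+else
+raise UnexpectedStatusCodeException.new(response.status)
+end
+end
+
+private
+
+def create_user_json(params)
+JSON.dump(:data => params)
+end
+end
+end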
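Review bot: Both methods interpolate caller-supplied values straight into the request path, `#{params[:source]}/#{params[:userId]}` in create_role_mapping and `#{realm}/#{mapping_id}` in delete_role_mapping, and nothing visible in this file escapes them. A realm or user id containing `/`, `?`, `#` or `..` would address a different REST resource than the one intended, which matters for calls that grant or remove roles. Unless nexus_url or the HTTP client already encodes path segments (not visible here), encode each segment after `require 'erb'`, e.g. `nexus_url("service/local/user_to_roles/#{ERB::Util.url_encode(realm)}/#{ERB::Util.url_encode(mapping_id)}")`. The delete_role_mapping doc comment also documents `@param user_id` while the parameter is named `mapping_id`.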
2 changes: 2 additions & 0 deletions lib/nexus_cli/remote/oss_remote.rb
Expand Up @@ -7,5 +7,7 @@ class OSSRemote < BaseRemote
include LoggingActions
include RepositoryActions
include UserActions
include RoleMappingActions
include LdapActions
end
end
209 changes: 209 additions & 0 deletions lib/nexus_cli/tasks.rb
Expand Up @@ -240,6 +240,141 @@ def delete_user(user_id)
end
end

method_option :username,
:type => :string,
:default => nil,
:desc => "The mapping username."
method_option :realm,
:type => :string,
:default => nil,
:desc => "The mapping realm."
method_option :roles,
:type => :array,
:default => [],
:require => false,
:desc => "An array of roles."
desc "create_role_mapping", "Creates a new user to role mapping."
def create_role_mapping
params = ask_role_mapping(options)

if nexus_remote.create_role_mapping(params)
say "A user to role mapping with the ID of #{params[:userId]} for realm #{params[:source]} has been created.", :blue
end
end

desc "delete_role_mapping realm mapping_id", "Deletes the user to role mapping from defined realm and with the given id."
def delete_role_mapping(realm, mapping_id)
if nexus_remote.delete_role_mapping(realm, mapping_id)
say "User to role mapping #{mapping_id} has been deleted from mapping realm #{realm}.", :blue
end
end

method_option :search_base,
:type => :string,
:default => nil,
:desc => "The LDAP search base."
method_option :auth_scheme,
:type => :string,
:default => 'none',
:require => false,
:desc => "The LDAP authentication scheme."
method_option :protocol,
:type => :string,
:default => 'ldap',
:require => false,
:desc => "The LDAP protocol."
method_option :port,
:type => :numeric,
:default => 389,
:require => false,
:desc => "The LDAP server port."
method_option :host,
:type => :string,
:default => nil,
:desc => "The LDAP server host name."
desc "set_ldap_connection_info", "Sets LDAP connection information."
def set_ldap_connection_info
params = ask_ldap_conn_info(options)

if nexus_remote.set_ldap_connection_info(params)
say "A LDAP connection information has been updated.", :blue
end
end

method_option :email_address_attribute,
:type => :string,
:default => 'mail',
:require => false,
:desc => "The LDAP email address attribute."
method_option :ldap_groups_as_roles,
:type => :boolean,
:default => true,
:require => false,
:desc => "Treat LDAP groups as roles."
method_option :group_base_dn,
:type => :string,
:default => 'ou=Groups',
:require => false,
:desc => "The LDAP group base distinguished name."
method_option :group_id_attribute,
:type => :string,
:default => 'cn',
:require => false,
:desc => "The LDAP group id attribute."
method_option :group_member_attribute,
:type => :string,
:default => 'uniqueMember',
:require => false,
:desc => "The LDAP group member attribute."
method_option :group_member_format,
:type => :string,
:default => '${username}',
:require => false,
:desc => "The LDAP group member format."
method_option :group_object_class,
:type => :string,
:default => 'groupOfUniqueNames',
:require => false,
:desc => "The LDAP group object class name."
method_option :user_id_attribute,
:type => :string,
:default => 'uid',
:require => false,
:desc => "The LDAP user id attribute."
method_option :user_object_class,
:type => :string,
:default => 'inetOrgPerson',
:require => false,
:desc => "The LDAP user object class name."
method_option :user_base_dn,
:type => :string,
:default => 'ou=People',
:require => false,
:desc => "The LDAP user base distinguished name."
method_option :user_real_name_attribute,
:type => :string,
:default => 'cn',
:require => false,
:desc => "The LDAP user real name attribute."
method_option :user_subtree,
:type => :boolean,
:default => false,
:require => false,
:desc => "Look for LDAP users in the subtree."
method_option :group_subtree,
:type => :boolean,
:default => false,
:require => false,
:desc => "Look for LDAP groups in the subtree."
desc "set_ldap_user_group_configuration", "Sets LDAP user and group configuration."
def set_ldap_user_group_configuration
params = ask_ldap_user_group_conf(options)

if nexus_remote.set_ldap_user_group_configuration(params)
say "A LDAP user and group configuration has been updated.", :blue
end
end

method_option :oldPassword,
:type => :string,
:default => nil,
Expand Down Expand Up @@ -490,6 +625,80 @@ def ask_password(message)
q.echo = false
end
end

def ask_role_mapping(params, ask_username=true)
username = params[:username]
source = params[:realm]
roles = params[:roles]

if username.nil? && ask_username
username = ask "Please enter the mapping username:"
end
if source.nil?
first_name = ask "Please enter the mapping realm:"
end
if roles.size == 0
roles = ask "Please enter the mapping roles:"
end
params = {:userId => username}
params[:source] = source
params[:roles] = roles.kind_of?(Array) ? roles : roles.split(' ')
params
end

def ask_ldap_conn_info(params, ask_host=true, ask_search_base=true)
search_base = params[:search_base]
auth_scheme = params[:auth_scheme]
protocol = params[:protocol]
host = params[:host]
port = params[:port]

if host.nil? && ask_host
host = ask "Please enter the LDAP server host name:"
end

if search_base.nil? && ask_search_base
search_base = ask "Please enter the LDAP search base:"
end

params = {:host => host}
params[:searchBase] = search_base
params[:authScheme] = auth_scheme unless auth_scheme.nil?
params[:protocol] = protocol unless protocol.nil?
params[:port] = port unless port.nil?
params
end

def ask_ldap_user_group_conf(params)
email_address_attribute = params[:email_address_attribute]
ldap_groups_as_roles = params[:ldap_groups_as_roles]
group_base_dn = params[:group_base_dn]
group_id_attribute = params[:group_id_attribute]
group_member_attribute = params[:group_member_attribute]
group_member_format = params[:group_member_format]
group_object_class = params[:group_object_class]
user_id_attribute = params[:user_id_attribute]
user_object_class = params[:user_object_class]
user_base_dn = params[:user_base_dn]
user_real_name_attribute = params[:user_real_name_attribute]
user_subtree = params[:user_subtree]
group_subtree = params[:group_subtree]

params = {:emailAddressAttribute => email_address_attribute}
params[:ldapGroupsAsRoles] = ldap_groups_as_roles
params[:groupBaseDn] = group_base_dn
params[:groupIdAttribute] = group_id_attribute
params[:groupMemberAttribute] = group_member_attribute
params[:groupMemberFormat] = group_member_format
params[:groupObjectClass] = group_object_class
params[:userIdAttribute] = user_id_attribute
params[:userObjectClass] = user_object_class
params[:userBaseDn] = user_base_dn
params[:userRealNameAttribute] = user_real_name_attribute
params[:userSubtree] = user_subtree
params[:groupSubtree] = group_subtree
params
end
end
end
end
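Review bot: In ask_role_mapping (second hunk) the realm prompt stores its answer in `first_name` rather than `source`, so when --realm is omitted `params[:source]` stays nil and create_role_mapping builds its URL with an empty realm segment; the line should read `source = ask "Please enter the mapping realm:"`. Separately, the set_ldap_connection_info options in the first hunk default to `auth_scheme` 'none' with `protocol` 'ldap' on port 389, so a run that supplies only host and search base configures an unauthenticated, unencrypted directory connection. Consider making protocol and auth scheme explicit choices, or at least stating the cleartext default in the option `:desc` strings. The options are also declared with `:require => false`, which looks like a misspelling of Thor's `:required` key and is probably ignored.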