identikey 0.6.0 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/export +42 -0
- data/bin/import +89 -0
- data/lib/identikey/administration.rb +10 -0
- data/lib/identikey/administration/user.rb +34 -5
- data/lib/identikey/base.rb +5 -5
- data/lib/identikey/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ddf98e9f2ab268487c380bab954e3fefebcdd729e81f74a5f1267ada748d8b8
|
|
4
|
+
data.tar.gz: 43bb94510b8cb9e6176da71ba4742891419e4591053ded611d753538d545e895
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 386ea4bc06bb5258ce0e3fa928880c3e3faae70198744c5c562c1ac8ab44b1961dfd82724e905e610432715c2ef105ff751055002489f41ea4d595652821a4b4
|
|
7
|
+
data.tar.gz: 3b7081b38c22f4da4bd74360467b6b4e9951d69e376b49ca47e314a6e2185257a00357fb131a5769b94ece4b39929d741baaba7e6e1330ba334e1c85ba08d5b7
|
data/bin/export
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'bundler/setup'
|
|
4
|
+
require 'identikey'
|
|
5
|
+
require 'json'
|
|
6
|
+
|
|
7
|
+
if ARGV.size != 1
|
|
8
|
+
$stderr.puts "Usage: #{$0} <users.json>"
|
|
9
|
+
exit 1
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
Identikey::Administration.configure do
|
|
13
|
+
wsdl ENV.fetch('IK_WSDL_ADMIN')
|
|
14
|
+
endpoint ENV.fetch('IK_HOST')
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
puts "Configured Admin WSDL #{ENV.fetch('IK_WSDL_ADMIN')} against #{ENV.fetch('IK_HOST')}"
|
|
18
|
+
|
|
19
|
+
$ik = Identikey::Administration::Session.new(
|
|
20
|
+
username: ENV.fetch('IK_USER'),
|
|
21
|
+
password: ENV.fetch('IK_PASS'),
|
|
22
|
+
domain: ENV.fetch('IK_DOMAIN')
|
|
23
|
+
)
|
|
24
|
+
|
|
25
|
+
$ik.logon
|
|
26
|
+
|
|
27
|
+
puts "Opened admin session with #{ENV.fetch('IK_USER')}@#{ENV.fetch('IK_DOMAIN')} against #{ENV.fetch('IK_HOST')}"
|
|
28
|
+
|
|
29
|
+
at_exit { $ik.logoff }
|
|
30
|
+
|
|
31
|
+
users = Identikey::Administration::User.search(session: $ik, query: {})
|
|
32
|
+
users_slim = users.map do |u|
|
|
33
|
+
{ username: u.username,
|
|
34
|
+
email: u.email,
|
|
35
|
+
digipass: u.digipass,
|
|
36
|
+
disabled: u.disabled,
|
|
37
|
+
locked: u.locked,
|
|
38
|
+
expires_at: u.expires_at
|
|
39
|
+
}
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
File.write ARGV[0], users_slim.to_json
|
data/bin/import
ADDED
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'bundler/setup'
|
|
4
|
+
require 'identikey'
|
|
5
|
+
require 'json'
|
|
6
|
+
|
|
7
|
+
if ARGV.size != 1
|
|
8
|
+
$stderr.puts "Usage: #{$0} <users.json>"
|
|
9
|
+
exit 1
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
Identikey::Administration.configure do
|
|
13
|
+
wsdl ENV.fetch('IK_WSDL_ADMIN')
|
|
14
|
+
endpoint ENV.fetch('IK_HOST')
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
puts "Configured Admin WSDL #{ENV.fetch('IK_WSDL_ADMIN')} against #{ENV.fetch('IK_HOST')}"
|
|
18
|
+
|
|
19
|
+
$ik = Identikey::Administration::Session.new(
|
|
20
|
+
username: ENV.fetch('IK_USER'),
|
|
21
|
+
password: ENV.fetch('IK_PASS'),
|
|
22
|
+
domain: ENV.fetch('IK_DOMAIN')
|
|
23
|
+
)
|
|
24
|
+
|
|
25
|
+
$ik.logon
|
|
26
|
+
|
|
27
|
+
puts "Opened admin session with #{ENV.fetch('IK_USER')}@#{ENV.fetch('IK_DOMAIN')} against #{ENV.fetch('IK_HOST')}"
|
|
28
|
+
|
|
29
|
+
at_exit { $ik.logoff }
|
|
30
|
+
|
|
31
|
+
users = JSON.load File.read ARGV[0]
|
|
32
|
+
|
|
33
|
+
users.each do |import|
|
|
34
|
+
|
|
35
|
+
puts "Looking up #{import['username']}"
|
|
36
|
+
ik_user = begin
|
|
37
|
+
Identikey::Administration::User.find(session: $ik, username: import['username'], domain: ENV.fetch('IK_DOMAIN'))
|
|
38
|
+
rescue => e
|
|
39
|
+
puts "Cannot look up #{import['username']}: #{e.message}"
|
|
40
|
+
nil
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
unless ik_user
|
|
44
|
+
puts "User #{import['username']} not found, creating"
|
|
45
|
+
|
|
46
|
+
ik_user = Identikey::Administration::User.new($ik,
|
|
47
|
+
'USERFLD_USERID' => import['username'],
|
|
48
|
+
'USERFLD_EMAIL' => import['email'],
|
|
49
|
+
'USERFLD_DOMAIN' => ENV.fetch('IK_DOMAIN'),
|
|
50
|
+
'USERFLD_LOCAL_AUTH' => 'Default',
|
|
51
|
+
'USERFLD_BACKEND_AUTH' => 'Default',
|
|
52
|
+
'USERFLD_DISABLED' => import['disabled'],
|
|
53
|
+
'USERFLD_LOCKED' => import['locked'],
|
|
54
|
+
'USERFLD_EXPIRATION_TIME' => import['expires_at']
|
|
55
|
+
)
|
|
56
|
+
|
|
57
|
+
begin
|
|
58
|
+
ik_user.save!
|
|
59
|
+
puts "User #{import['username']} created"
|
|
60
|
+
rescue => e
|
|
61
|
+
|
|
62
|
+
puts "Cannot create #{import['username']}: #{e.message}"
|
|
63
|
+
|
|
64
|
+
next
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
missing_digipass = import['digipass'] - ik_user.digipass
|
|
69
|
+
|
|
70
|
+
missing_digipass.each do |digipass|
|
|
71
|
+
puts "Assigining digipass #{digipass} to #{import['username']}"
|
|
72
|
+
|
|
73
|
+
ik_token = begin
|
|
74
|
+
Identikey::Administration::Digipass.find(session: $ik, serial_no: digipass)
|
|
75
|
+
rescue => e
|
|
76
|
+
puts "Digipass #{digipass} was not found"
|
|
77
|
+
next
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
begin
|
|
81
|
+
ik_token.assign! import['username'], ENV.fetch('IK_DOMAIN')
|
|
82
|
+
rescue => e
|
|
83
|
+
puts "Digipass #{digipass} could not be assigned to #{import['username']}: #{e.message}"
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
puts "Assignment of digipass #{digipass} to #{import['username']} was successful"
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
end
|
|
@@ -169,6 +169,16 @@ module Identikey
|
|
|
169
169
|
)
|
|
170
170
|
end
|
|
171
171
|
|
|
172
|
+
def user_execute_UNLOCK(session_id:, username:, domain:)
|
|
173
|
+
user_execute(
|
|
174
|
+
session_id: session_id,
|
|
175
|
+
cmd: 'USERCMD_UNLOCK',
|
|
176
|
+
attributes: typed_attributes_list_from(
|
|
177
|
+
USERFLD_USERID: username,
|
|
178
|
+
USERFLD_DOMAIN: domain
|
|
179
|
+
)
|
|
180
|
+
)
|
|
181
|
+
end
|
|
172
182
|
|
|
173
183
|
# Executes a userQuery command that searches users. By default, it doesn't
|
|
174
184
|
# log anywhere. To enable logging to a specific destination, pass a logger
|
|
@@ -6,7 +6,7 @@ module Identikey
|
|
|
6
6
|
new(session).find(username, domain)
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
-
def self.search(session:, query:, options: {})
|
|
9
|
+
def self.search(session:, query:, options: {}, log: false)
|
|
10
10
|
[:has_digipass, :not_has_digipass].each do |funky_boolean|
|
|
11
11
|
if query.key?(funky_boolean) && [true, false].include?(query[funky_boolean])
|
|
12
12
|
query[funky_boolean] = query[funky_boolean] ? 'Assigned' : 'Unassigned'
|
|
@@ -29,10 +29,12 @@ module Identikey
|
|
|
29
29
|
|
|
30
30
|
stat, users, error = session.execute(:user_query,
|
|
31
31
|
attributes: Base.search_attributes_from(query, attribute_map: query_keys),
|
|
32
|
-
query_options: Base.search_options_from(options)
|
|
32
|
+
query_options: Base.search_options_from(options),
|
|
33
|
+
log: log
|
|
34
|
+
)
|
|
33
35
|
|
|
34
36
|
case stat
|
|
35
|
-
when 'STAT_SUCCESS' then (users||[]).map {|user| new(session, user) }
|
|
37
|
+
when 'STAT_SUCCESS' then (users||[]).map {|user| new(session, user, persisted: true) }
|
|
36
38
|
when 'STAT_NOT_FOUND' then []
|
|
37
39
|
else
|
|
38
40
|
raise Identikey::Error, "Search user failed: #{stat} - #{error}"
|
|
@@ -59,11 +61,17 @@ module Identikey
|
|
|
59
61
|
attr_accessor :expired
|
|
60
62
|
attr_accessor :last_auth_attempt_at
|
|
61
63
|
attr_accessor :description
|
|
64
|
+
attr_accessor :passwd_last_set_at
|
|
65
|
+
attr_accessor :has_password
|
|
62
66
|
|
|
63
|
-
|
|
67
|
+
alias locked? locked
|
|
68
|
+
alias digipass? has_digipass
|
|
69
|
+
alias password? has_password
|
|
70
|
+
|
|
71
|
+
def initialize(session, user = nil, persisted: false)
|
|
64
72
|
@session = session
|
|
65
73
|
|
|
66
|
-
replace(user) if user
|
|
74
|
+
replace(user, persisted: persisted) if user
|
|
67
75
|
end
|
|
68
76
|
|
|
69
77
|
def find(username, domain)
|
|
@@ -133,6 +141,8 @@ module Identikey
|
|
|
133
141
|
raise Identikey::OperationFailed, "Clear user #{self.username} password failed: #{stat} - #{error}"
|
|
134
142
|
end
|
|
135
143
|
|
|
144
|
+
self.has_password = false
|
|
145
|
+
|
|
136
146
|
true
|
|
137
147
|
end
|
|
138
148
|
|
|
@@ -146,6 +156,23 @@ module Identikey
|
|
|
146
156
|
raise Identikey::OperationFailed, "Set user #{self.username} password failed: #{stat} - #{error}"
|
|
147
157
|
end
|
|
148
158
|
|
|
159
|
+
self.has_password = true
|
|
160
|
+
|
|
161
|
+
true
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
def unlock!
|
|
165
|
+
ensure_persisted!
|
|
166
|
+
|
|
167
|
+
stat, _, error = @session.execute(
|
|
168
|
+
:user_execute_UNLOCK, username: username, domain: domain)
|
|
169
|
+
|
|
170
|
+
if stat != 'STAT_SUCCESS'
|
|
171
|
+
raise Identikey::OperationFailed, "Unlock user #{self.username} failed: #{stat} - #{error}"
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
self.locked = false
|
|
175
|
+
|
|
149
176
|
true
|
|
150
177
|
end
|
|
151
178
|
|
|
@@ -171,6 +198,8 @@ module Identikey
|
|
|
171
198
|
self.expired = user['USERFLD_EXPIRED']
|
|
172
199
|
self.last_auth_attempt_at = user['USERFLD_LASTAUTHREQ_TIME']
|
|
173
200
|
self.description = user['USERFLD_DESCRIPTION']
|
|
201
|
+
self.passwd_last_set_at = user['USERFLD_LAST_PASSWORD_SET_TIME']
|
|
202
|
+
self.has_password = !user['USERFLD_PASSWORD'].nil?
|
|
174
203
|
|
|
175
204
|
@persisted = persisted
|
|
176
205
|
|
data/lib/identikey/base.rb
CHANGED
|
@@ -264,8 +264,8 @@ module Identikey
|
|
|
264
264
|
parse = /^(not_)?(.*)/i.match(full_name.to_s)
|
|
265
265
|
name = parse[2]
|
|
266
266
|
|
|
267
|
-
options =
|
|
268
|
-
options
|
|
267
|
+
options = {}
|
|
268
|
+
options[:negative] = true if !parse[1].nil?
|
|
269
269
|
|
|
270
270
|
type, value = case value
|
|
271
271
|
|
|
@@ -275,8 +275,8 @@ module Identikey
|
|
|
275
275
|
when Integer
|
|
276
276
|
[ 'xsd:int', value.to_s ]
|
|
277
277
|
|
|
278
|
-
when
|
|
279
|
-
[ 'xsd:
|
|
278
|
+
when Time
|
|
279
|
+
[ 'xsd:dateTime', value.utc.iso8601 ]
|
|
280
280
|
|
|
281
281
|
when TrueClass, FalseClass
|
|
282
282
|
[ 'xsd:boolean', value.to_s ]
|
|
@@ -285,7 +285,7 @@ module Identikey
|
|
|
285
285
|
[ 'xsd:string', value.to_s ]
|
|
286
286
|
|
|
287
287
|
when NilClass
|
|
288
|
-
options
|
|
288
|
+
options[:null] = true
|
|
289
289
|
[ 'xsd:string', '' ]
|
|
290
290
|
|
|
291
291
|
else
|
data/lib/identikey/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: identikey
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marcello Barnaba
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: savon
|
|
@@ -193,6 +193,8 @@ files:
|
|
|
193
193
|
- README.md
|
|
194
194
|
- Rakefile
|
|
195
195
|
- bin/console
|
|
196
|
+
- bin/export
|
|
197
|
+
- bin/import
|
|
196
198
|
- bin/setup
|
|
197
199
|
- identikey.gemspec
|
|
198
200
|
- lib/identikey.rb
|