identikey 0.6.0 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/export +42 -0
- data/bin/import +89 -0
- data/lib/identikey/administration.rb +10 -0
- data/lib/identikey/administration/user.rb +34 -5
- data/lib/identikey/base.rb +5 -5
- data/lib/identikey/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ddf98e9f2ab268487c380bab954e3fefebcdd729e81f74a5f1267ada748d8b8
|
|
4
|
+
data.tar.gz: 43bb94510b8cb9e6176da71ba4742891419e4591053ded611d753538d545e895
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 386ea4bc06bb5258ce0e3fa928880c3e3faae70198744c5c562c1ac8ab44b1961dfd82724e905e610432715c2ef105ff751055002489f41ea4d595652821a4b4
|
|
7
|
+
data.tar.gz: 3b7081b38c22f4da4bd74360467b6b4e9951d69e376b49ca47e314a6e2185257a00357fb131a5769b94ece4b39929d741baaba7e6e1330ba334e1c85ba08d5b7
|
data/bin/export
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'bundler/setup'
|
|
4
|
+
require 'identikey'
|
|
5
|
+
require 'json'
|
|
6
|
+
|
|
7
|
+
if ARGV.size != 1
|
|
8
|
+
$stderr.puts "Usage: #{$0} <users.json>"
|
|
9
|
+
exit 1
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
Identikey::Administration.configure do
|
|
13
|
+
wsdl ENV.fetch('IK_WSDL_ADMIN')
|
|
14
|
+
endpoint ENV.fetch('IK_HOST')
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
puts "Configured Admin WSDL #{ENV.fetch('IK_WSDL_ADMIN')} against #{ENV.fetch('IK_HOST')}"
|
|
18
|
+
|
|
19
|
+
$ik = Identikey::Administration::Session.new(
|
|
20
|
+
username: ENV.fetch('IK_USER'),
|
|
21
|
+
password: ENV.fetch('IK_PASS'),
|
|
22
|
+
domain: ENV.fetch('IK_DOMAIN')
|
|
23
|
+
)
|
|
24
|
+
|
|
25
|
+
$ik.logon
|
|
26
|
+
|
|
27
|
+
puts "Opened admin session with #{ENV.fetch('IK_USER')}@#{ENV.fetch('IK_DOMAIN')} against #{ENV.fetch('IK_HOST')}"
|
|
28
|
+
|
|
29
|
+
at_exit { $ik.logoff }
|
|
30
|
+
|
|
31
|
+
users = Identikey::Administration::User.search(session: $ik, query: {})
|
|
32
|
+
users_slim = users.map do |u|
|
|
33
|
+
{ username: u.username,
|
|
34
|
+
email: u.email,
|
|
35
|
+
digipass: u.digipass,
|
|
36
|
+
disabled: u.disabled,
|
|
37
|
+
locked: u.locked,
|
|
38
|
+
expires_at: u.expires_at
|
|
39
|
+
}
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
File.write ARGV[0], users_slim.to_json
|
data/bin/import
ADDED
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
|
|
3
|
+
require 'bundler/setup'
|
|
4
|
+
require 'identikey'
|
|
5
|
+
require 'json'
|
|
6
|
+
|
|
7
|
+
if ARGV.size != 1
|
|
8
|
+
$stderr.puts "Usage: #{$0} <users.json>"
|
|
9
|
+
exit 1
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
Identikey::Administration.configure do
|
|
13
|
+
wsdl ENV.fetch('IK_WSDL_ADMIN')
|
|
14
|
+
endpoint ENV.fetch('IK_HOST')
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
puts "Configured Admin WSDL #{ENV.fetch('IK_WSDL_ADMIN')} against #{ENV.fetch('IK_HOST')}"
|
|
18
|
+
|
|
19
|
+
$ik = Identikey::Administration::Session.new(
|
|
20
|
+
username: ENV.fetch('IK_USER'),
|
|
21
|
+
password: ENV.fetch('IK_PASS'),
|
|
22
|
+
domain: ENV.fetch('IK_DOMAIN')
|
|
23
|
+
)
|
|
24
|
+
|
|
25
|
+
$ik.logon
|
|
26
|
+
|
|
27
|
+
puts "Opened admin session with #{ENV.fetch('IK_USER')}@#{ENV.fetch('IK_DOMAIN')} against #{ENV.fetch('IK_HOST')}"
|
|
28
|
+
|
|
29
|
+
at_exit { $ik.logoff }
|
|
30
|
+
|
|
31
|
+
users = JSON.load File.read ARGV[0]
|
|
32
|
+
|
|
33
|
+
users.each do |import|
|
|
34
|
+
|
|
35
|
+
puts "Looking up #{import['username']}"
|
|
36
|
+
ik_user = begin
|
|
37
|
+
Identikey::Administration::User.find(session: $ik, username: import['username'], domain: ENV.fetch('IK_DOMAIN'))
|
|
38
|
+
rescue => e
|
|
39
|
+
puts "Cannot look up #{import['username']}: #{e.message}"
|
|
40
|
+
nil
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
unless ik_user
|
|
44
|
+
puts "User #{import['username']} not found, creating"
|
|
45
|
+
|
|
46
|
+
ik_user = Identikey::Administration::User.new($ik,
|
|
47
|
+
'USERFLD_USERID' => import['username'],
|
|
48
|
+
'USERFLD_EMAIL' => import['email'],
|
|
49
|
+
'USERFLD_DOMAIN' => ENV.fetch('IK_DOMAIN'),
|
|
50
|
+
'USERFLD_LOCAL_AUTH' => 'Default',
|
|
51
|
+
'USERFLD_BACKEND_AUTH' => 'Default',
|
|
52
|
+
'USERFLD_DISABLED' => import['disabled'],
|
|
53
|
+
'USERFLD_LOCKED' => import['locked'],
|
|
54
|
+
'USERFLD_EXPIRATION_TIME' => import['expires_at']
|
|
55
|
+
)
|
|
56
|
+
|
|
57
|
+
begin
|
|
58
|
+
ik_user.save!
|
|
59
|
+
puts "User #{import['username']} created"
|
|
60
|
+
rescue => e
|
|
61
|
+
|
|
62
|
+
puts "Cannot create #{import['username']}: #{e.message}"
|
|
63
|
+
|
|
64
|
+
next
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
missing_digipass = import['digipass'] - ik_user.digipass
|
|
69
|
+
|
|
70
|
+
missing_digipass.each do |digipass|
|
|
71
|
+
puts "Assigining digipass #{digipass} to #{import['username']}"
|
|
72
|
+
|
|
73
|
+
ik_token = begin
|
|
74
|
+
Identikey::Administration::Digipass.find(session: $ik, serial_no: digipass)
|
|
75
|
+
rescue => e
|
|
76
|
+
puts "Digipass #{digipass} was not found"
|
|
77
|
+
next
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
begin
|
|
81
|
+
ik_token.assign! import['username'], ENV.fetch('IK_DOMAIN')
|
|
82
|
+
rescue => e
|
|
83
|
+
puts "Digipass #{digipass} could not be assigned to #{import['username']}: #{e.message}"
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
puts "Assignment of digipass #{digipass} to #{import['username']} was successful"
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
end
|
|
@@ -169,6 +169,16 @@ module Identikey
|
|
|
169
169
|
)
|
|
170
170
|
end
|
|
171
171
|
|
|
172
|
+
def user_execute_UNLOCK(session_id:, username:, domain:)
|
|
173
|
+
user_execute(
|
|
174
|
+
session_id: session_id,
|
|
175
|
+
cmd: 'USERCMD_UNLOCK',
|
|
176
|
+
attributes: typed_attributes_list_from(
|
|
177
|
+
USERFLD_USERID: username,
|
|
178
|
+
USERFLD_DOMAIN: domain
|
|
179
|
+
)
|
|
180
|
+
)
|
|
181
|
+
end
|
|
172
182
|
|
|
173
183
|
# Executes a userQuery command that searches users. By default, it doesn't
|
|
174
184
|
# log anywhere. To enable logging to a specific destination, pass a logger
|
|
@@ -6,7 +6,7 @@ module Identikey
|
|
|
6
6
|
new(session).find(username, domain)
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
-
def self.search(session:, query:, options: {})
|
|
9
|
+
def self.search(session:, query:, options: {}, log: false)
|
|
10
10
|
[:has_digipass, :not_has_digipass].each do |funky_boolean|
|
|
11
11
|
if query.key?(funky_boolean) && [true, false].include?(query[funky_boolean])
|
|
12
12
|
query[funky_boolean] = query[funky_boolean] ? 'Assigned' : 'Unassigned'
|
|
@@ -29,10 +29,12 @@ module Identikey
|
|
|
29
29
|
|
|
30
30
|
stat, users, error = session.execute(:user_query,
|
|
31
31
|
attributes: Base.search_attributes_from(query, attribute_map: query_keys),
|
|
32
|
-
query_options: Base.search_options_from(options)
|
|
32
|
+
query_options: Base.search_options_from(options),
|
|
33
|
+
log: log
|
|
34
|
+
)
|
|
33
35
|
|
|
34
36
|
case stat
|
|
35
|
-
when 'STAT_SUCCESS' then (users||[]).map {|user| new(session, user) }
|
|
37
|
+
when 'STAT_SUCCESS' then (users||[]).map {|user| new(session, user, persisted: true) }
|
|
36
38
|
when 'STAT_NOT_FOUND' then []
|
|
37
39
|
else
|
|
38
40
|
raise Identikey::Error, "Search user failed: #{stat} - #{error}"
|
|
@@ -59,11 +61,17 @@ module Identikey
|
|
|
59
61
|
attr_accessor :expired
|
|
60
62
|
attr_accessor :last_auth_attempt_at
|
|
61
63
|
attr_accessor :description
|
|
64
|
+
attr_accessor :passwd_last_set_at
|
|
65
|
+
attr_accessor :has_password
|
|
62
66
|
|
|
63
|
-
|
|
67
|
+
alias locked? locked
|
|
68
|
+
alias digipass? has_digipass
|
|
69
|
+
alias password? has_password
|
|
70
|
+
|
|
71
|
+
def initialize(session, user = nil, persisted: false)
|
|
64
72
|
@session = session
|
|
65
73
|
|
|
66
|
-
replace(user) if user
|
|
74
|
+
replace(user, persisted: persisted) if user
|
|
67
75
|
end
|
|
68
76
|
|
|
69
77
|
def find(username, domain)
|
|
@@ -133,6 +141,8 @@ module Identikey
|
|
|
133
141
|
raise Identikey::OperationFailed, "Clear user #{self.username} password failed: #{stat} - #{error}"
|
|
134
142
|
end
|
|
135
143
|
|
|
144
|
+
self.has_password = false
|
|
145
|
+
|
|
136
146
|
true
|
|
137
147
|
end
|
|
138
148
|
|
|
@@ -146,6 +156,23 @@ module Identikey
|
|
|
146
156
|
raise Identikey::OperationFailed, "Set user #{self.username} password failed: #{stat} - #{error}"
|
|
147
157
|
end
|
|
148
158
|
|
|
159
|
+
self.has_password = true
|
|
160
|
+
|
|
161
|
+
true
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
def unlock!
|
|
165
|
+
ensure_persisted!
|
|
166
|
+
|
|
167
|
+
stat, _, error = @session.execute(
|
|
168
|
+
:user_execute_UNLOCK, username: username, domain: domain)
|
|
169
|
+
|
|
170
|
+
if stat != 'STAT_SUCCESS'
|
|
171
|
+
raise Identikey::OperationFailed, "Unlock user #{self.username} failed: #{stat} - #{error}"
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
self.locked = false
|
|
175
|
+
|
|
149
176
|
true
|
|
150
177
|
end
|
|
151
178
|
|
|
@@ -171,6 +198,8 @@ module Identikey
|
|
|
171
198
|
self.expired = user['USERFLD_EXPIRED']
|
|
172
199
|
self.last_auth_attempt_at = user['USERFLD_LASTAUTHREQ_TIME']
|
|
173
200
|
self.description = user['USERFLD_DESCRIPTION']
|
|
201
|
+
self.passwd_last_set_at = user['USERFLD_LAST_PASSWORD_SET_TIME']
|
|
202
|
+
self.has_password = !user['USERFLD_PASSWORD'].nil?
|
|
174
203
|
|
|
175
204
|
@persisted = persisted
|
|
176
205
|
|
data/lib/identikey/base.rb
CHANGED
|
@@ -264,8 +264,8 @@ module Identikey
|
|
|
264
264
|
parse = /^(not_)?(.*)/i.match(full_name.to_s)
|
|
265
265
|
name = parse[2]
|
|
266
266
|
|
|
267
|
-
options =
|
|
268
|
-
options
|
|
267
|
+
options = {}
|
|
268
|
+
options[:negative] = true if !parse[1].nil?
|
|
269
269
|
|
|
270
270
|
type, value = case value
|
|
271
271
|
|
|
@@ -275,8 +275,8 @@ module Identikey
|
|
|
275
275
|
when Integer
|
|
276
276
|
[ 'xsd:int', value.to_s ]
|
|
277
277
|
|
|
278
|
-
when
|
|
279
|
-
[ 'xsd:
|
|
278
|
+
when Time
|
|
279
|
+
[ 'xsd:dateTime', value.utc.iso8601 ]
|
|
280
280
|
|
|
281
281
|
when TrueClass, FalseClass
|
|
282
282
|
[ 'xsd:boolean', value.to_s ]
|
|
@@ -285,7 +285,7 @@ module Identikey
|
|
|
285
285
|
[ 'xsd:string', value.to_s ]
|
|
286
286
|
|
|
287
287
|
when NilClass
|
|
288
|
-
options
|
|
288
|
+
options[:null] = true
|
|
289
289
|
[ 'xsd:string', '' ]
|
|
290
290
|
|
|
291
291
|
else
|
data/lib/identikey/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: identikey
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marcello Barnaba
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: savon
|
|
@@ -193,6 +193,8 @@ files:
|
|
|
193
193
|
- README.md
|
|
194
194
|
- Rakefile
|
|
195
195
|
- bin/console
|
|
196
|
+
- bin/export
|
|
197
|
+
- bin/import
|
|
196
198
|
- bin/setup
|
|
197
199
|
- identikey.gemspec
|
|
198
200
|
- lib/identikey.rb
|