idnio 2.3.2b

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,145 @@
1
+ #!/usr/bin/env ruby
2
+ require 'json'
3
+ require 'uri'
4
+ require 'idnio/idnapi'
5
+ require 'idnio/program'
6
+ require 'idnio/markdown'
7
+ require 'objects/access-profiles'
8
+
9
+ module Applications
10
+
11
+ @@app_response = nil
12
+
13
+ def self.query(query)
14
+ if @@app_response.nil?
15
+ @@app_response = IDNAPI.get("#{$url}/cc/api/app/list?filter=org", $token)
16
+ end
17
+
18
+ unless @@app_response.nil?
19
+ apps = JSON.parse(@@app_response.body)
20
+ apps.each do |app|
21
+ tmp_name = app['name']
22
+ next unless tmp_name == query
23
+ full_app = IDNAPI.get("#{$url}/cc/api/app/get/#{app['id']}", $token)
24
+ next if full_app.nil?
25
+ j_full_app = JSON.parse(full_app)
26
+ j_full_app['AccessProfiles'] = Applications.getAccessProfiles( app['id'] )
27
+ return j_full_app
28
+ end
29
+ return nil
30
+ end
31
+ end
32
+
33
+ def self.getAccessProfiles( id )
34
+ access = IDNAPI.get("#{$url}/cc/api/app/getAccessProfiles/#{id}", $token)
35
+ accessArray = []
36
+ unless access.nil?
37
+ j_access = JSON.parse(access)
38
+ j_access['items'].each do |ap|
39
+ accessArray.push(ap['name'])
40
+ end
41
+ end
42
+
43
+ accessArray
44
+ end
45
+
46
+ def self.isValidUpdateAttribute(text)
47
+ case text
48
+ when 'appProfiles'
49
+ false
50
+ when 'id'
51
+ false
52
+ when 'appId'
53
+ false
54
+ when 'service'
55
+ false
56
+ when 'serviceId'
57
+ false
58
+ when 'serviceAppId'
59
+ false
60
+ when 'accountServiceId'
61
+ false
62
+ when 'dateCreated'
63
+ false
64
+ when 'accountServiceName'
65
+ false
66
+ when 'accountServiceExternalId'
67
+ false
68
+ when 'externalId'
69
+ false
70
+ when 'accountServicePolicyId'
71
+ false
72
+ when 'accountServicePolicyName'
73
+ false
74
+ when 'accountServicePolicies'
75
+ false
76
+ when 'xsdVersion'
77
+ false
78
+ when 'passwordServiceId'
79
+ false
80
+ when 'version'
81
+ false
82
+ when 'owner'
83
+ false
84
+ when 'lastUpdated'
85
+ false
86
+ when 'scriptName'
87
+ false
88
+ when 'definitionName'
89
+ false
90
+ when 'appCount'
91
+ false
92
+ when 'userCount'
93
+ false
94
+ when 'sourceConnected'
95
+ false
96
+ when 'authenticationCookie'
97
+ false
98
+ when 'icon'
99
+ false
100
+ when 'connectedApps'
101
+ false
102
+ when 'health'
103
+ false
104
+ else
105
+ true
106
+ end
107
+ end
108
+
109
+ #
110
+ # Exports Application configurations.
111
+ #
112
+ def self.export(directory)
113
+ response = IDNAPI.get("#{$url}/cc/api/app/list?filter=org", $token)
114
+ unless response.nil?
115
+ apps = JSON.parse(response.body)
116
+
117
+ $log.info "\tDetected #{apps.length} apps."
118
+
119
+ apps.each do |app|
120
+ if app['controlType'] == 'PERSONAL'
121
+ $log.debug "\t\tSkipping PERSONAL Controlled Application: #{app['name']}"
122
+ else
123
+ $log.info "\tApplication: #{app['name']}"
124
+
125
+ full_app = Applications.query(app['name'])
126
+ Program.write_file("#{directory}/applications/", "Application - #{full_app['name']}.json", JSON.pretty_generate(full_app))
127
+ end
128
+ end
129
+ end
130
+ end
131
+
132
+ #
133
+ # Import Application configurations.
134
+ #
135
+ def self.import(_directory)
136
+ $log.warn "\tImport for object type application is not supported at this time."
137
+ end
138
+
139
+ #
140
+ # Documents Application configurations.
141
+ #
142
+ def self.doc
143
+ $log.warn "\tDocumentation for object type application is not supported at this time."
144
+ end
145
+ end
@@ -0,0 +1,122 @@
1
+ #!/usr/bin/env ruby
2
+ require "json"
3
+ require "idnio/idnapi"
4
+ require "idnio/program"
5
+ require "idnio/markdown"
6
+
7
+ module AttributeSyncConfig
8
+
9
+ @@source_response = nil
10
+
11
+ def self.query( query )
12
+
13
+ if (@@source_response == nil)
14
+ @@source_response = IDNAPI.get( "#{$url}/cc/api/source/list", $token )
15
+ end
16
+
17
+ unless @@source_response.nil?
18
+ sources = JSON.parse( @@source_response.body )
19
+ sources.each do |source|
20
+ tmp_name = source["name"]
21
+ tmp_name.gsub!(/[^0-9A-Za-z. -]/,"-")
22
+ if(tmp_name == query)
23
+ return source
24
+ end
25
+ end
26
+ return nil
27
+ end
28
+ end
29
+
30
+ #
31
+ # Exports Attribute Sync Config configurations.
32
+ #
33
+ def self.export( directory )
34
+
35
+ response = IDNAPI.get( "#{$url}/cc/api/source/list", $token )
36
+ unless response.nil?
37
+ sources = JSON.parse( response.body )
38
+
39
+ $log.info "\tDetected #{sources.count} attribute sync config, across #{sources.count} sources."
40
+
41
+ sources.each do |source|
42
+ response = IDNAPI.get( "#{$url}/cc/api/source/getAttributeSyncConfig/#{source["id"]}", $token )
43
+
44
+ unless response.nil?
45
+ config = JSON.parse( response.body )
46
+ $log.info "\tAttribute Sync Config: #{source["name"]}"
47
+ Program.write_file( "#{directory}/attribute-sync-config/", "Attribute Sync Config - #{source["name"]}.json", JSON.pretty_generate( config ) )
48
+ end
49
+ end
50
+ end
51
+ end
52
+
53
+ #
54
+ # Imports Attribute Sync Config configurations.
55
+ #
56
+ def self.import( directory )
57
+ file_names = Program.get_filenames("#{directory}/attribute-sync-config")
58
+
59
+ $log.info "\tDetected #{file_names.length} attribute sync configurations."
60
+
61
+ file_names.each do |file|
62
+ file.index(" - ")
63
+ file.rindex(" - ")
64
+ tmp = file[file.index(" - ")+3..file.rindex(".json")-1].strip
65
+
66
+ $log.info "\tAttribute Sync Config: #{tmp}"
67
+
68
+ source = AttributeSyncConfig.query(tmp)
69
+ if(source == nil)
70
+ $log.warn "\tSkipping import. Associated source (#{tmp}) doesn't exist."
71
+ else
72
+ file_contents = Program.read_file(file)
73
+ unless file_contents.nil?
74
+ j_fc = JSON.parse(file_contents)
75
+ if( j_fc["syncAttributes"] == nil)
76
+ $log.warn "\t\tSkipping import. Configuration is null or empty."
77
+ else
78
+ $log.debug "\t\tUpdating Attribute Sync Configuration for Source: #{source["name"]}"
79
+ IDNAPI.post_json( "#{$url}/cc/api/source/setAttributeSyncConfig/#{source["id"]}", $token, j_fc )
80
+ end
81
+
82
+ end
83
+ end
84
+ end
85
+ end
86
+
87
+ #
88
+ # Documents Attribute Sync Config configurations.
89
+ #
90
+ def self.doc
91
+
92
+ Markdown.h2( "Attribute Sync Config" )
93
+
94
+ response = IDNAPI.get( "#{$url}/cc/api/source/list", $token )
95
+
96
+ unless response.nil?
97
+
98
+ sources = JSON.parse( response.body )
99
+
100
+ $log.info "\tDetected #{sources.count} attribute sync config, across #{sources.count} sources."
101
+
102
+ sources.each do |source|
103
+
104
+ response = IDNAPI.get( "#{$url}/cc/api/source/getAttributeSyncConfig/#{source["id"]}", $token )
105
+ syncAttributes = JSON.parse( response.body )
106
+
107
+ $log.info "\tAttribute Sync Config: #{source["name"]}"
108
+
109
+ unless ( syncAttributes.nil? || syncAttributes["syncAttributes"].nil? || syncAttributes["syncAttributes"].empty? )
110
+ Markdown.h3( "#{source["name"]}" )
111
+ Markdown.text( "| Account Attribute | Identity Attribute | Enabled |\n" )
112
+ Markdown.text( "|-------------------|--------------------|---------|\n" )
113
+ syncAttributes["syncAttributes"].each do |syncAttribute|
114
+ Markdown.text( "|#{syncAttribute["targetAttribute"]}|#{syncAttribute["identityAttributeName"]}|#{syncAttribute["enabled"]}|\n" )
115
+ end
116
+ end
117
+ end
118
+ end
119
+
120
+ Markdown.write
121
+ end
122
+ end
@@ -0,0 +1,49 @@
1
+ #!/usr/bin/env ruby
2
+ require 'json'
3
+ require 'idnio/idnapi'
4
+ require 'idnio/program'
5
+ require 'idnio/markdown'
6
+
7
+ module Branding
8
+
9
+ #
10
+ # Exports Branding configurations.
11
+ #
12
+ def self.export( directory )
13
+
14
+ response = IDNAPI.get( "#{$url}/cc/api/branding/list", $token )
15
+
16
+ case response
17
+ when Net::HTTPSuccess
18
+
19
+ brands = JSON.parse( response.body )
20
+
21
+ $log.info "\tDetected #{brands.count} branding configs."
22
+
23
+ brands['items'].each do |brand|
24
+
25
+ $log.info "\tBranding: #{brand['productName']}"
26
+ Program.write_file( "#{directory}/branding/", "Brand - #{brand['productName']}.json", JSON.pretty_generate( brand ) )
27
+
28
+ end # brands['items'].each do |brand|
29
+
30
+ else
31
+ $log.error "\tError: Unable to fetch branding."
32
+ end # case response
33
+
34
+ end
35
+
36
+ #
37
+ # Import Branding configurations.
38
+ #
39
+ def self.import( directory )
40
+ $log.warn "\tImport for object type branding is not supported at this time."
41
+ end
42
+
43
+ #
44
+ # Documents Branding configurations.
45
+ #
46
+ def self.doc
47
+ $log.warn "\tDocumentation for object type branding is not supported at this time."
48
+ end
49
+ end
@@ -0,0 +1,61 @@
1
+ #!/usr/bin/env ruby
2
+ require "json"
3
+ require "idnio/idnapi"
4
+ require "idnio/program"
5
+ require "idnio/markdown"
6
+
7
+ module CampaignFilters
8
+
9
+ #
10
+ # Exports Campaign Filter configurations.
11
+ #
12
+ def self.export( directory )
13
+
14
+ response = IDNAPI.get( "#{$url}/cc/api/campaignFilter/list?includeSystemFilters=false", $token )
15
+
16
+ filters = JSON.parse( response.body )
17
+
18
+ $log.info "\tDetected #{filters['count']} campaign filters."
19
+
20
+ filters['items'].each do |filter|
21
+ $log.info "\tCampaign Filter: #{filter["name"]}"
22
+ Program.write_file( "#{directory}/campaign-filters/", "Campaign Filter - #{filter["name"]}.json", JSON.pretty_generate( filter ) )
23
+ end
24
+ end
25
+
26
+ #
27
+ # Import Campaign Filter configurations.
28
+ #
29
+ def self.import( directory )
30
+ $log.warn "\tImport for object type campaign-filter is not supported at this time."
31
+ end
32
+
33
+ #
34
+ # Documents Campaign Filter configurations.
35
+ #
36
+ def self.doc
37
+
38
+ Markdown.h2( "Campaign Filters" )
39
+
40
+ response = IDNAPI.get( "#{$url}/cc/api/campaignFilter/list?includeSystemFilters=false", $token )
41
+ unless response.nil?
42
+ filters = JSON.parse( response.body )
43
+
44
+ $log.info "\tDetected #{filters['count']} campaign filters."
45
+
46
+ filters['items'].each do |filter|
47
+ $log.info "\tCampaign Filter: #{filter["name"]}"
48
+ Markdown.h3( "#{filter["name"]}" )
49
+ Markdown.text( "- **Name** - #{filter["name"]}\n" )
50
+ Markdown.text( "- **Description** - #{filter["description"]}\n" )
51
+ Markdown.text( "- **Owner** - #{filter["owner"]}\n" )
52
+ Markdown.text( "- **Mode** - #{filter["mode"]}\n\n" )
53
+ Markdown.text( "- **Criteria**\n" )
54
+ Markdown.code( filter["criteriaList"] )
55
+ end
56
+ end
57
+
58
+ Markdown.write
59
+ end
60
+
61
+ end
@@ -0,0 +1,291 @@
1
+ #!/usr/bin/env ruby
2
+ require "json"
3
+ require "idnio/idnapi"
4
+ require "idnio/program"
5
+ require "idnio/markdown"
6
+
7
+ module Connectors
8
+
9
+ @@script_type = {
10
+ "ACF2 - Full" => "acf2",
11
+ "Active Directory - Direct" => "active-directory",
12
+ "ADAM - Direct" => "adam",
13
+ "AIX - Direct" => "aix",
14
+ "AWS" => "aws",
15
+ "Azure Active Directory" => "azure-active-directory",
16
+ "BMC Remedy" => "bmc-remedy",
17
+ "Box" => "box",
18
+ "Delimited File" => "delimited-file",
19
+ "DelimitedFile" => "delimited-file",
20
+ "Dropbox" => "dropbox",
21
+ "Duo" => "duo",
22
+ "Generic" => "generic",
23
+ "Google Apps - Direct" => "google-apps",
24
+ "GoToMeeting" => "gotomeeting",
25
+ "IBM DB2" => "ibm-db2",
26
+ "IBM i" => "ibm-i",
27
+ "IBM Lotus Domino - Direct" => "ibm-lotus-domino",
28
+ "IBM Tivoli DS - Direct" => "ibm-tivoli-ds",
29
+ "JDBC" => "jdbc",
30
+ "Linux - Direct" => "linux",
31
+ "Microsoft SharePoint Online" => "microsoft-sharepoint-online",
32
+ "Microsoft SharePoint Server" => "microsoft-sharepoint-server",
33
+ "Microsoft SQL Server - Direct" => "microsoft-sql-server",
34
+ "Novell eDirectory - Direct" => "novell-edirectory",
35
+ "Okta" => "okta",
36
+ "OpenLDAP - Direct" => "openldap",
37
+ "Oracle Database - Direct" => "oracle-database",
38
+ "Oracle E-Business" => "oracle-ebusiness",
39
+ "Oracle Fusion HCM" => "oracle-fusion-hcm",
40
+ "Oracle HRMS" => "oracle-hrms",
41
+ "Oracle Internet Directory - Direct" => "oracle-internet-directory",
42
+ "Oracle NetSuite" => "oracle-netsuite",
43
+ "PeopleSoft - Direct" => "peoplesoft",
44
+ "PeopleSoft HCM Database" => "peoplesoft-hrms",
45
+ "RACF - Full" => "racf",
46
+ "RACF LDAP" => "racf-ldap",
47
+ "RemedyForce" => "remedyforce",
48
+ "RSA Authentication Manager - Direct" => "rsa-authentication-manager",
49
+ "Salesforce" => "salesforce",
50
+ "SAP - Direct" => "sap",
51
+ "SAP HANA Database" => "sap-hana",
52
+ "SAP HR/HCM" => "sap-hrhcm",
53
+ "SAP Portal - UMWebService" => "sap-portal-umwebservice",
54
+ "SCIM 1.1" => "scim11",
55
+ "SCIM 2.0" => "scim20",
56
+ "ServiceNow" => "servicenow",
57
+ "Siebel" => "siebel",
58
+ "Solaris - Direct" => "solaris",
59
+ "SuccessFactors" => "successfactors",
60
+ "SunOne - Direct" => "sunone",
61
+ "Sybase - Direct" => "sybase",
62
+ "Top Secret LDAP" => "top-secret-ldap",
63
+ "TopSecret - Full" => "top-secret",
64
+ "Web Services" => "web-services",
65
+ "Webex" => "webex",
66
+ "Workday Accounts" => "workday-accounts",
67
+ "Workday" => "workday",
68
+ "Yammer" => "yammer"
69
+ }
70
+
71
+ @@default_connectors = [
72
+ "ACF2",
73
+ "Active Directory",
74
+ "ADAM",
75
+ "AIX",
76
+ "AWS",
77
+ "Azure Active Directory",
78
+ "BMC Remedy",
79
+ "Box",
80
+ "IBM DB2",
81
+ "Delimited File",
82
+ "Dropbox",
83
+ "Duo",
84
+ "Generic",
85
+ "Google Apps",
86
+ "GoToMeeting",
87
+ "IBM i",
88
+ "IBM Lotus Domino",
89
+ "IBM Tivoli Access Manager",
90
+ "IBM Tivoli DS",
91
+ "JDBC",
92
+ "Jive",
93
+ "Linux",
94
+ "Microsoft SharePoint",
95
+ "Microsoft SharePoint Server",
96
+ "Microsoft SQL Server",
97
+ "NetSuite",
98
+ "Novell eDirectory",
99
+ "Okta",
100
+ "OpenLDAP",
101
+ "Oracle Database",
102
+ "Oracle E-Business",
103
+ "Oracle HRMS",
104
+ "Oracle Internet Directory",
105
+ "Oracle NetSuite",
106
+ "PeopleSoft",
107
+ "PeopleSoft HCM Database",
108
+ "RACF",
109
+ "RACF LDAP",
110
+ "RemedyForce",
111
+ "RSA Authentication Manager",
112
+ "SalesForce",
113
+ "SAP",
114
+ "SAP HANA",
115
+ "SAP HR/HCM",
116
+ "SAP Portal - UMWebService",
117
+ "SCIM 1.1",
118
+ "SCIM 2.0",
119
+ "ServiceNow",
120
+ "Siebel",
121
+ "Solaris",
122
+ "SuccessFactors",
123
+ "SunOne",
124
+ "Sybase",
125
+ "Top Secret",
126
+ "Top Secret LDAP",
127
+ "Web Services",
128
+ "WebEx",
129
+ "Workday",
130
+ "Yammer",
131
+ "Microsoft SharePoint Online",
132
+ "Oracle Fusion HCM",
133
+ "Workday Accounts"
134
+ ]
135
+
136
+ #
137
+ # Exports Connector configurations.
138
+ #
139
+ def self.export( directory )
140
+
141
+ response = IDNAPI.get( "#{$url}/cc/api/connector/list", $token )
142
+
143
+ case response
144
+ when Net::HTTPSuccess
145
+
146
+ connectors = JSON.parse( response.body )
147
+
148
+ $log.info "\tDetected #{connectors['total']} connectors."
149
+
150
+ connectors['items'].each do |connector|
151
+
152
+ if (!@@default_connectors.include? connector["name"] || $config["include-defaults"])
153
+ $log.info "\tConnector: #{connector["name"]}"
154
+ Program.write_file( "#{directory}/connectors/", "Connector - #{connector["name"]}.json", JSON.pretty_generate( connector ) )
155
+ else
156
+ $log.info "\tSkipping Default Connector: #{connector["name"]}"
157
+ end
158
+
159
+ end
160
+
161
+ else
162
+ $log.error "\tError: Unable to fetch connectors."
163
+ end
164
+ end
165
+
166
+ #
167
+ # Imports Connector configurations.
168
+ #
169
+ def self.import( directory )
170
+
171
+ # Read from the file system to determine how many transforms we have.
172
+ connectors = Program.read_directory( "#{directory}/connectors" )
173
+ $log.info "\tDetected #{connectors.length} connectors."
174
+
175
+ # Iterate through each connector.
176
+ connectors.each do |connector|
177
+
178
+ # Get the transform JSON.
179
+ template_connector = JSON.parse( connector )
180
+
181
+ $log.info "\tConnector: #{template_connector["name"]}"
182
+
183
+ # Is this a default connector? If so, skip it.
184
+ unless @@default_connectors.include? template_connector["name"]
185
+
186
+ # existing_connector = Connectors.get_by_name( template_connector["name"] )
187
+
188
+ # If we don't have an existing connector, lets create one.
189
+ # if existing_connector.nil?
190
+ $log.debug "\t\tCreating connector..."
191
+
192
+ form_data = {
193
+ 'name': template_connector["name"],
194
+ 'description': template_connector["name"],
195
+ 'className': template_connector["className"],
196
+ 'directConnect': template_connector["directConnect"],
197
+ 'status': template_connector["status"]
198
+ }
199
+ IDNAPI.post_form( "#{$url}/cc/api/connector/create", $token, form_data )
200
+ # If we don't have an existing connector, lets update the one we have.
201
+ # else
202
+ # $log.debug "\t\tUpdating connector..."
203
+ # IDNAPI.post_json( "#{$url}/cc/api/transform/update", $token, template_connector )
204
+ # end
205
+
206
+ # Upload Artifacts Here.
207
+
208
+ else
209
+ $log.info "\t\tSkipping default connector."
210
+ end #unless @@default_connectors.include? template_connector["name"]
211
+ end # connectors.each do |connector|
212
+ end # def self.import( directory )
213
+
214
+ #
215
+ # Documents Connector configurations.
216
+ #
217
+ def self.doc
218
+
219
+ Markdown.h2( "Connectors" )
220
+
221
+ response = IDNAPI.get( "#{$url}/cc/api/connector/list", $token )
222
+
223
+ case response
224
+ when Net::HTTPSuccess
225
+
226
+ connectors = JSON.parse( response.body )
227
+
228
+ $log.info "\tDetected #{connectors['total']} connectors."
229
+
230
+ connectors['items'].each do |connector|
231
+
232
+ if (!@@default_connectors.include? connector["name"] || $config["include-defaults"])
233
+ $log.info "\tConnector: #{connector["name"]}"
234
+
235
+ Markdown.h3( connector["name"] )
236
+ Markdown.text( "- Class: #{connector["className"]}\n" )
237
+ Markdown.text( "- Direct Connect: #{connector["directConnect"]}\n" )
238
+ Markdown.text( "- Status: #{connector["status"]}\n" )
239
+
240
+ else
241
+ $log.info "\tSkipping Default Connector: #{connector["name"]}"
242
+ end
243
+
244
+ end
245
+
246
+ else
247
+ $log.error "\tError: Unable to fetch connectors."
248
+ end
249
+
250
+ end
251
+
252
+ #
253
+ # Gets a connector script, given type
254
+ #
255
+ def self.get_script( type )
256
+ return @@script_type[ type ]
257
+ end
258
+
259
+ #
260
+ # Gets a connector by the type
261
+ #
262
+ def self.get_by_type( type )
263
+ return Connectors.get_by_attribute( "type", type )
264
+ end
265
+
266
+ #
267
+ # Gets a connector by an attribute
268
+ #
269
+ def self.get_by_attribute( attribute, value )
270
+
271
+ response = IDNAPI.get( "#{$url}/cc/api/connector/list", $token )
272
+
273
+ unless response.nil?
274
+
275
+ connectors = JSON.parse( response.body )
276
+
277
+ connectors['items'].each do |connector|
278
+
279
+ if ( connector[ attribute ] == value )
280
+ return connector
281
+ end
282
+
283
+ end # connectors['items'].each do |connector|
284
+
285
+ end # unless response.nil?
286
+
287
+ return nil
288
+
289
+ end # def self.get_by_attribute( attribute, value )
290
+
291
+ end