idnio 2.3.2b

data/lib/objects/sources.rb

@@ -0,0 +1,217 @@
+#!/usr/bin/env ruby
+require "json"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+
+module Sources
+
+  #
+  # Query a Source for existence, by ID
+  #
+  def self.get_by_id( id )
+
+    response = IDNAPI.get( "#{$url}/beta/sources/#{id}", $token )
+
+    case response
+    when Net::HTTPSuccess
+      return JSON.parse( response.body )
+    else
+      return nil
+    end # case response
+
+  end
+
+  #
+  # Query a Source for existence, by name
+  #
+  def self.get_by_name( name )
+
+    response = IDNAPI.get( "#{$url}/beta/sources/?limit=1&offset=0&count=true&filters=name eq \"#{name}\"", $token )
+
+    case response
+    when Net::HTTPSuccess
+
+      if response.nil? || response['X-Total-Count'].nil?
+        return nil
+      end # if response['X-Total-Count'].nil?
+
+      count = response['X-Total-Count'].to_i
+
+      if count == 1
+        sources = JSON.parse( response.body )
+        return sources.first
+      end # if count == 1
+
+    else
+      return nil
+    end # case response
+
+    return nil
+
+  end
+
+  #
+  # This is a convenience method to get the CC ID of a source, given a source name.
+  #
+  def self.get_cc_id( name )
+    source = Sources.get_by_name( name )
+    return source['connectorAttributes']['cloudExternalId']
+  end
+
+  #
+  # Exports Source configurations.
+  #
+  def self.export( directory )
+
+    limit = 100
+    offset = 0
+    count = -1
+
+    loop do
+
+      response = IDNAPI.get( "#{$url}/beta/sources?limit=#{limit}&offset=#{offset}&count=true", $token )
+
+      case response
+      when Net::HTTPSuccess
+
+        # Determine the total count based what the API tells us.
+        if ( count < 0 && !response['X-Total-Count'].nil? )
+          count = response['X-Total-Count'].to_i
+          $log.info "\tDetected #{count} sources."
+        end
+
+        # If we don't have any sources, lets give up.  There is nothing to do.
+        break if count == 0
+
+        # If we're here, we have sources to process.
+        sources = JSON.parse( response.body )
+
+        # Give up if our sources are null or empty.  This is also a failsafe if count doesn't come back for some reason.
+        break if sources.nil? || sources.empty?
+
+        # Iterate through the sources list
+        sources.each do |source|
+            $log.info "\tSource: #{source["name"]}"
+            Program.write_file( "#{directory}/sources/", "Source - #{source["name"]}.json", JSON.pretty_generate( source ) )
+        end
+
+        # Setup our offset for the next iteration
+        offset += limit
+
+      else
+        $log.error "\tError: Unable to fetch sources."
+      end # case response
+
+    end # loop do
+
+  end # def self.export( directory )
+
+  #
+  # Imports Source configurations.
+  #
+  def self.import( directory )
+
+    #
+    # Read from the file system to determine how many source configurations we have.
+    #
+    sources = Program.read_directory("#{directory}/sources")
+    $log.info "\tDetected #{sources.length} sources."
+
+    #
+    # Iterate through each source.
+    #
+    sources.each do |source|
+
+      # Get the source JSON.
+      template_source = JSON.parse( source )
+
+      $log.info "\tSource: #{template_source["name"]}"
+
+      existing_source = Sources.get_by_name( template_source["name"] )
+
+      #
+      # If we don't have an existing source, lets create one.
+      #
+      if existing_source.nil?
+
+        $log.debug "\t\tCreating source..."
+
+        template_source[ "owner" ] = ReferenceResolver.get_identity_ref( template_source["owner"]["name"] )
+        template_source[ "cluster" ] = ReferenceResolver.get_default_cluster_ref
+        template_source[ "connector" ] = Connectors.get_script( template_source["type"] )
+        template_source[ "accountCorrelationConfig" ] = nil
+        template_source[ "schemas" ] = nil
+        template_source[ "passwordPolicies" ] = nil
+
+        # Clear these variables.  Noticed some bugs when importing.
+        template_source['connectorAttributes']['cloudExternalId'] = nil
+
+        $log.debug template_source.to_json
+
+        IDNAPI.post_json( "#{$url}/beta/sources/", $token, template_source )
+
+        $log.info "\t\t\tCreated source."
+
+      #
+      # If we don't have an existing source, lets update the one we have.
+      #
+      else
+
+        $log.debug "\t\tUpdating source..."
+
+        template_source[ "id" ] = existing_source[ "id" ]
+        template_source[ "owner" ] = existing_source[ "owner" ]
+        template_source[ "cluster" ] = existing_source[ "cluster" ]
+        template_source[ "type" ] = existing_source[ "type" ]
+        template_source[ "connector" ] = existing_source[ "connector" ]
+        template_source[ "connectorClass" ] = existing_source[ "connectorClass" ]
+        template_source[ "accountCorrelationConfig" ] = existing_source[ "accountCorrelationConfig" ]
+        template_source[ "schemas" ] = existing_source[ "schemas" ]
+        template_source[ "passwordPolicies" ] = existing_source[ "passwordPolicies" ]
+
+        # Clear these variables.  Noticed some bugs when importing.
+        template_source['connectorAttributes']['cloudExternalId'] = existing_source['connectorAttributes']['cloudExternalId']
+
+        IDNAPI.put_json( "#{$url}/beta/sources/#{existing_source["id"]}", $token, template_source )
+
+        $log.info "\t\t\tUpdated source."
+
+      end # if existing_source.nil?
+
+    end # sources.each do |source|
+
+  end # def self.import( directory )
+
+  #
+  # Documents Source configurations.
+  #
+  def self.doc
+
+    Markdown.h2( "Sources" )
+
+    response = IDNAPI.get( "#{$url}/cc/api/source/list", $token )
+    unless response.nil?
+      sources = JSON.parse( response.body )
+
+      $log.info "\tDetected #{sources.count} sources."
+
+      Markdown.text( "| Name | Connector | Owner | Description | Features |\n")
+      Markdown.text( "|------|-----------|-------|-------------|----------|\n")
+
+      sources.each do |source|
+
+        $log.info "\tSource: #{source["name"]}"
+
+        features = []
+        if source["useForAccounts"] then features.push( "Account Aggregation" ) end
+        if source["useForAuthentication"] then features.push( "Authentication" ) end
+        if source["useForProvisioning"] then features.push( "Provisioning" ) end
+        if source["useForPasswordManagement"] then features.push( "Password Management" ) end
+        Markdown.text( "|#{source["name"]}|#{source["sourceConnectorName"]}|#{source.dig("owner", "name")}|#{source["description"]}| #{features.join(", ")} |\n")
+
+      end
+    end
+    Markdown.write
+  end
+end

data/lib/objects/system-settings.rb

@@ -0,0 +1,185 @@
+#!/usr/bin/env ruby
+require "json"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+
+module SystemSettings
+
+  #
+  # These are a list of attributes which are used to update.
+  #
+  @@update_attributes = [
+    # "adminStrongAuthRequired",
+    # "countryCodes",
+    # "emailTestAddress",
+    # "emailTestMode",
+    # "enableAutomationGeneration",
+    # "enableAutomaticPasswordReplay",
+    # "enableExternalPasswordChange",
+    # "enablePasswordReplay",
+    "kbaReqForAuthn",
+    "kbaReqAnswers",
+    "lockoutAttemptThreshold",
+    "lockoutTimeMinutes",
+    # "netmasks",
+    # "notifyAuthenticationSettingChange",
+    # "passwordReplayState",
+    "systemNotificationConfig",
+    "systemNotificationEmails",
+    "usageCertRequired",
+    "usageCertText",
+    "usernameEmptyText",
+    "usernameLabel",
+    "iframeWhitelist"
+    # "whiteList",
+  ]
+
+  #
+  # Exports System Setting configurations.
+  #
+  def self.export( directory )
+
+    response = IDNAPI.get( "#{$url}/cc/api/org/get", $token )
+    
+    case response
+    when Net::HTTPSuccess
+      $log.info "\tRetreived configuration."
+      config = JSON.parse( response.body )
+      Program.write_file( "#{directory}/system-settings/", "system-settings.json", JSON.pretty_generate( config ) )
+    else
+      $log.error "\tUnable to retreive configuration."
+    end # case response
+
+  end
+
+  #
+  # Imports System Setting configurations.
+  #
+  def self.import( directory )
+
+    # Read from the file system to determine how many identity profile configurations we have.
+    system_settings = Program.read_directory("#{directory}/system-settings")
+    $log.info "\tRetreived configuration."
+
+    # Iterate through each set of settings.
+    #  Note: We only expect one, but in theory we could have many...
+    system_settings.each do |system_setting|
+
+      # Get the system setting JSON.
+      template_settings = JSON.parse( system_setting )
+
+      # These will be the new attributes which will be sent to update things.
+      update_params = Hash.new
+
+      # We only want to update some things
+      @@update_attributes.each do |update_attribute|
+        update_params[update_attribute] = template_settings[update_attribute]
+      end
+
+      # Update the system configuration.
+      response = IDNAPI.post_json( "#{$url}/cc/api/org/set", $token, update_params )
+
+      case response
+      when Net::HTTPSuccess
+        $log.info "\tUpdated system settings."
+      else
+        $log.error "\tError: System settings could not be updated."
+      end # case response
+
+    end
+  end
+
+  #
+  # Documents System Setting configurations.
+  #
+  def self.doc
+
+    response = IDNAPI.get( "#{$url}/cc/api/org/get", $token )
+
+    case response
+    when Net::HTTPSuccess
+      $log.info "\tRetreived configuration."
+
+      config = JSON.parse( response.body )
+
+      Markdown.h2 "System Settings"
+
+      Markdown.h3 "Usage Agreement"
+
+      Markdown.text " - XXX : #{config['usageCertRequired']}\n"
+      Markdown.text " - XXX : #{config['usernameLabel']}\n"
+      Markdown.text " - XXX : #{config['usernameEmptyText']}\n"
+
+      Markdown.h3 "Network Settings"
+
+      Markdown.text " - XXX : #{config['netmasks']}\n"
+      Markdown.text " - XXX : #{config['whiteList']}\n"
+      Markdown.text " - XXX : #{config['countryCodes']}\n"
+
+      Markdown.h3 "System Features"
+
+      Markdown.text " - XXX : #{config['features']}\n"
+
+      Markdown.h3 "Notifications"
+
+      Markdown.text " - Email 'from' Address: #{config['emailFromAddress']}\n"
+
+      Markdown.text " - XXX : #{config['emailTestMode']}\n"
+
+
+      Markdown.text " - XXX : #{config['emailTestAddress']}\n"
+
+      Markdown.h3 "Security Settings"
+
+      # Lockout Management
+
+      ## Sign In Lockout Settings
+
+      ### Maximum Attempts
+
+      ### Minutes until attempt count resets
+
+      Markdown.text " - XXX : #{config['lockoutAttemptThreshold']}\n"
+
+      ### Minutes until user locked out
+
+      Markdown.text " - XXX : #{config['lockoutTimeMinutes']}\n"
+
+      ## Password Reset Lockout Settings
+
+      ### Maximum Attempts
+
+      ### Minutes until user locked out
+
+      # Session Management
+
+      ## Maximum Session Length
+
+      ### End the Session when the browser is closed (enabled/disabled)
+
+      ## Idle Session Expiration
+
+      ### X hours
+
+      Markdown.text " - XXX : #{config['iframeWhitelist']}\n"
+      Markdown.text " - XXX : #{config['kbaReqAnswers']}\n"
+      Markdown.text " - XXX : #{config['kbaReqForAuthn']}\n"
+
+      Markdown.text " - KBA Attributes Required for Authentication: #{config['kbaReqForAuthn']}\n"
+
+      #
+      #
+      # Markdown.text "Attributes:\n"
+      # config['attributes'].each do |attribute|
+      #   Markdown.text "- #{attribute['name']}\n"
+      # end
+
+    else
+      $log.error "\tUnable to retreive configuration."
+    end
+
+    Markdown.write
+  end
+
+end

data/lib/objects/transforms.rb

@@ -0,0 +1,157 @@
+#!/usr/bin/env ruby
+require "json"
+require "uri"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+#require "idnio/defaults"
+#require_relative "../markdown.rb"
+
+module Transforms
+
+  @@default_transforms = [
+    "ToUpper",
+    "ISO3166 Country Format",
+    "Remove Diacritical Marks",
+    "E.164 Phone Format",
+    "ToLower",
+    "ISO3166 Alpha-2"
+  ]
+
+  #
+  # Get a Transform by its ID.
+  #
+  def self.get_by_id( id )
+    response = IDNAPI.get( URI.escape("#{$url}/cc/api/transform/get/#{id}"), $token )
+    case response
+    when Net::HTTPSuccess
+      return JSON.parse( response.body )
+    else
+      return nil
+    end
+  end
+
+  #
+  # Exports Transform configurations.
+  #
+  def self.export( directory )
+
+    response = IDNAPI.get( "#{$url}/cc/api/transform/list", $token )
+
+    case response
+    when Net::HTTPSuccess
+
+      transforms = JSON.parse( response.body )
+
+      $log.info "\tDetected #{transforms["count"]} transforms."
+
+      transforms["items"].each do |transform|
+
+        if (!@@default_transforms.include? transform["id"] || $config["include-defaults"])
+
+          $log.info "\tTransform: #{transform["id"]}"
+          Program.write_file( "#{directory}/transforms/", "Transform - #{transform["id"]}.json", JSON.pretty_generate( transform ) )
+
+        else
+
+          $log.info "\tSkipping Default Transform: #{transform["id"]}"
+
+        end # if (!@@default_transforms.include? transform["id"]...
+
+      end # transforms["items"].each do |transform|
+
+    else
+      $log.error "\tError: Unable to fetch transforms."
+    end # case response
+
+  end
+
+  #
+  # Imports Transform configurations.
+  #
+  def self.import( directory )
+
+    # Read from the file system to determine how many transforms we have.
+    transforms = Program.read_directory( "#{directory}/transforms" )
+    $log.info "\tDetected #{transforms.length} transforms."
+
+    # Iterate through each transform.
+    transforms.each do |transform|
+
+      # Get the transform JSON.
+      template_transform = JSON.parse( transform )
+
+      $log.info "\tTransform: #{template_transform["id"]}"
+
+      existing_transform = Transforms.get_by_id( template_transform["id"] )
+
+      # If we don't have an existing transform, lets create one.
+      if existing_transform.nil?
+
+        # Is this a default transform? If so, skip it.
+        unless (@@default_transforms.include? template_transform["id"])
+
+          $log.debug "\t\tCreating transform..."
+
+          IDNAPI.post_json( "#{$url}/cc/api/transform/create", $token, template_transform )
+
+        else
+          $log.info "\t\tSkipping default transform."
+        end
+
+      # If we don't have an existing transform, lets update the one we have.
+      else
+
+        # Is this a default transform? If so, skip it.
+        unless (@@default_transforms.include? template_transform["id"])
+
+          $log.debug "\t\tUpdating transform..."
+
+          IDNAPI.post_json( "#{$url}/cc/api/transform/update", $token, template_transform )
+
+        else
+          $log.info "\t\tSkipping default transform."
+        end
+      end
+    end
+  end
+
+  #
+  # Documents Transform configurations.
+  #
+  def self.doc
+
+    response = IDNAPI.get( "#{$url}/cc/api/transform/list", $token )
+
+    case response
+    when Net::HTTPSuccess
+
+      transforms = JSON.parse( response.body )
+
+      $log.info "\tDetected #{transforms["count"]} transforms."
+
+      Markdown.h2( "Transforms" )
+
+      transforms["items"].each do |transform|
+
+        if (!@@default_transforms.include? transform["id"] || $config["include-defaults"])
+
+          $log.info "\tTransform: #{transform["id"]}"
+          Markdown.h3( transform["id"] )
+          Markdown.json( JSON.pretty_generate( transform ) )
+
+        else
+
+          $log.info "\tSkipping Default Transform: #{transform["id"]}"
+
+        end # if (!@@default_transforms.include? transform["id"]...
+
+      end # transforms["items"].each do |transform|
+
+    else
+      $log.error "\tError: Unable to fetch transforms."
+    end # case response
+
+    Markdown.write
+  end
+end