idnio 2.3.3b → 2.3.4b
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/lib/idnio/version.rb +2 -2
- data/lib/objects/access-profiles.rb +47 -37
- data/lib/objects/account-profiles.rb +6 -6
- data/lib/objects/account-schemas.rb +65 -29
- data/lib/objects/attribute-sync-config.rb +51 -23
- data/lib/objects/branding.rb +2 -2
- data/lib/objects/campaign-filters.rb +38 -24
- data/lib/objects/connectors.rb +7 -7
- data/lib/objects/email-templates.rb +11 -5
- data/lib/objects/identity-attributes.rb +2 -2
- data/lib/objects/identity-profiles.rb +7 -7
- data/lib/objects/integrations.rb +8 -5
- data/lib/objects/lifecycle-states.rb +29 -15
- data/lib/objects/password-policies.rb +1 -1
- data/lib/objects/password-sync-groups.rb +1 -1
- data/lib/objects/reference-resolver.rb +72 -32
- data/lib/objects/roles.rb +104 -46
- data/lib/objects/rules.rb +6 -6
- data/lib/objects/sources.rb +53 -22
- data/lib/objects/transforms.rb +9 -9
- metadata +3 -3
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 234e7989d08547431973ed6b2eba00dadbf49a44a487acec83bd821e55c075cd
|
4
|
+
data.tar.gz: b4f45179bebc778d5336a3c5e961d03157def8760fd24eab659617505a497cf4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4b18ac54cd44404626e4e8a3977ddef9e1fc0e47a922eae6af19f183e46aef469971595ccd5255b5b88b196238d8f1a57fbff67d19f1e2744cd878ee10a57ce9
|
7
|
+
data.tar.gz: 716c81d01d634d63744f170363298a5d93fe982a5328eeaaa51433e0a0a483c030168eba2e44a614e8694383a3982a87d25889cdd1cb2f19cbed600ed32a1a7c
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
Binary file
|
data/lib/idnio/version.rb
CHANGED
@@ -7,32 +7,39 @@ require "idnio/markdown"
|
|
7
7
|
module AccessProfiles
|
8
8
|
|
9
9
|
#
|
10
|
-
#
|
10
|
+
# Gets Access Profile Name from ID
|
11
11
|
#
|
12
|
-
def self.
|
12
|
+
def self.get_name_from_id( id )
|
13
|
+
result = ReferenceResolver.search_for_single_object( "accessprofiles", "id:#{id}" )
|
14
|
+
unless result.nil?
|
15
|
+
return result['name']
|
16
|
+
end
|
17
|
+
return nil
|
18
|
+
end
|
13
19
|
|
14
|
-
|
20
|
+
#
|
21
|
+
# Gets Access Profile ID from Name
|
22
|
+
#
|
23
|
+
def self.get_id_from_name( name )
|
24
|
+
result = ReferenceResolver.search_for_single_object( "accessprofiles", "name:#{name}" )
|
25
|
+
unless result.nil?
|
26
|
+
return result['id']
|
27
|
+
end
|
28
|
+
return nil
|
29
|
+
end
|
15
30
|
|
31
|
+
#
|
32
|
+
# Converts Entitlement IDs to Entitlement Names
|
33
|
+
#
|
34
|
+
def self.get_entitlements( entitlement_ids )
|
35
|
+
entitlement_names = []
|
16
36
|
entitlement_ids.each do |entitlement_id|
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
case response
|
21
|
-
when Net::HTTPSuccess
|
22
|
-
|
23
|
-
entitlements = JSON.parse( response.body )
|
24
|
-
|
25
|
-
entitlements.each do |entitlement|
|
26
|
-
if (entitlementNames != "")
|
27
|
-
entitlementNames << ";"
|
28
|
-
end
|
29
|
-
entitlementNames << entitlement['name']
|
30
|
-
end
|
37
|
+
result = ReferenceResolver.search_for_single_object( "entitlements", "id:#{entitlement_id}" )
|
38
|
+
unless result.nil?
|
39
|
+
entitlement_names.push( result['name'] )
|
31
40
|
end
|
32
|
-
|
33
41
|
end
|
34
|
-
|
35
|
-
return entitlementNames
|
42
|
+
return entitlement_names
|
36
43
|
end
|
37
44
|
|
38
45
|
#
|
@@ -45,22 +52,22 @@ module AccessProfiles
|
|
45
52
|
case response
|
46
53
|
when Net::HTTPSuccess
|
47
54
|
|
48
|
-
|
55
|
+
access_profiles = JSON.parse( response.body )
|
49
56
|
|
50
|
-
$log.info "\
|
57
|
+
$log.info "\tRetrieved #{access_profiles['count']} access profiles."
|
51
58
|
|
52
|
-
|
59
|
+
access_profiles['items'].each do |access_profile|
|
53
60
|
|
54
|
-
$log.info "\tAccess Profile: #{
|
61
|
+
$log.info "\tAccess Profile: #{access_profile["name"]}"
|
55
62
|
|
56
|
-
|
63
|
+
access_profile['entitlementNames'] = AccessProfiles.get_entitlements( access_profile['entitlements'] )
|
57
64
|
|
58
|
-
Program.write_file( "#{directory}/access-profiles/", "Access Profile - #{
|
65
|
+
Program.write_file( "#{directory}/access-profiles/", "Access Profile - #{access_profile["name"]}.json", JSON.pretty_generate( access_profile ) )
|
59
66
|
|
60
67
|
end # transforms["items"].each do |transform|
|
61
68
|
|
62
69
|
else
|
63
|
-
$log.error "\tError: Unable to
|
70
|
+
$log.error "\tError: Unable to retrieve access profiles."
|
64
71
|
end # case response
|
65
72
|
|
66
73
|
end # def self.export( directory )
|
@@ -82,23 +89,26 @@ module AccessProfiles
|
|
82
89
|
case response
|
83
90
|
when Net::HTTPSuccess
|
84
91
|
|
85
|
-
|
92
|
+
access_profiles = JSON.parse( response.body )
|
86
93
|
|
87
|
-
$log.info "\
|
94
|
+
$log.info "\tRetrieved #{access_profiles['count']} access profiles."
|
88
95
|
|
89
|
-
Markdown.h2
|
90
|
-
Markdown.text
|
91
|
-
Markdown.text
|
96
|
+
Markdown.h2 "Access Profiles"
|
97
|
+
Markdown.text "| Name | Description | Requestable | Entitlements |\n"
|
98
|
+
Markdown.text "|------|-------------|-------------|--------------|\n"
|
92
99
|
|
93
|
-
|
100
|
+
access_profiles['items'].each do |access_profile|
|
94
101
|
|
95
|
-
$log.info "\tAccess Profile: #{
|
96
|
-
Markdown.text( "|#{accessProfile["name"]}|#{accessProfile["description"]}|#{accessProfile["sourceName"]}: #{AccessProfiles.getEntitlements(accessProfile["entitlements"])}|#{accessProfile["requestable"]}|\n")
|
102
|
+
$log.info "\tAccess Profile: #{access_profile["name"]}"
|
97
103
|
|
98
|
-
|
104
|
+
entitlement_names = AccessProfiles.get_entitlements( access_profile['entitlements'] )
|
105
|
+
|
106
|
+
Markdown.text( "|#{access_profile["name"]}|#{access_profile["description"]}|#{access_profile["sourceName"]}: #{Program.humanize( access_profile["requestable"] )}|#{entitlement_names.join(", ")}|\n")
|
107
|
+
|
108
|
+
end # access_profiles['items'].each do |access_profile|
|
99
109
|
|
100
110
|
else
|
101
|
-
$log.error "\tError: Unable to
|
111
|
+
$log.error "\tError: Unable to retrieve access profiles."
|
102
112
|
end # case response
|
103
113
|
|
104
114
|
Markdown.write
|
@@ -18,7 +18,7 @@ module AccountProfiles
|
|
18
18
|
|
19
19
|
sources = JSON.parse( response.body )
|
20
20
|
|
21
|
-
$log.info "\
|
21
|
+
$log.info "\tRetrieved account profiles, across #{sources.count} sources."
|
22
22
|
|
23
23
|
sources.each do |source|
|
24
24
|
|
@@ -37,13 +37,13 @@ module AccountProfiles
|
|
37
37
|
end # accountProfiles.each do |accountProfile|
|
38
38
|
|
39
39
|
else
|
40
|
-
$log.error "\tError: Unable to
|
40
|
+
$log.error "\tError: Unable to retrieve account profile for source #{source["name"]}."
|
41
41
|
end # case response
|
42
42
|
|
43
43
|
end # sources.each do |source|
|
44
44
|
|
45
45
|
else
|
46
|
-
$log.error "\tError: Unable to
|
46
|
+
$log.error "\tError: Unable to retrieve sources, for account profiles."
|
47
47
|
end # case response
|
48
48
|
|
49
49
|
end # def self.export( directory )
|
@@ -114,7 +114,7 @@ module AccountProfiles
|
|
114
114
|
|
115
115
|
sources = JSON.parse( response.body )
|
116
116
|
|
117
|
-
$log.info "\
|
117
|
+
$log.info "\tRetrieved account profiles, across #{sources.count} sources."
|
118
118
|
|
119
119
|
Markdown.h2( "Account Profiles" )
|
120
120
|
|
@@ -152,13 +152,13 @@ module AccountProfiles
|
|
152
152
|
end # accountProfiles.each do |accountProfile|
|
153
153
|
|
154
154
|
else
|
155
|
-
$log.error "\tError: Unable to
|
155
|
+
$log.error "\tError: Unable to retrieve account profile for source #{source["name"]}."
|
156
156
|
end # case response
|
157
157
|
|
158
158
|
end # sources.each do |source|
|
159
159
|
|
160
160
|
else
|
161
|
-
$log.error "\tError: Unable to
|
161
|
+
$log.error "\tError: Unable to retrieve sources, for account profiles."
|
162
162
|
end # case response
|
163
163
|
|
164
164
|
Markdown.write
|
@@ -212,7 +212,7 @@ s
|
|
212
212
|
|
213
213
|
unless sources.nil?
|
214
214
|
|
215
|
-
$log.info "\
|
215
|
+
$log.info "\tRetrieved account schemas, across #{sources.count} sources."
|
216
216
|
|
217
217
|
sources.each do |source|
|
218
218
|
|
@@ -224,11 +224,18 @@ s
|
|
224
224
|
when Net::HTTPSuccess
|
225
225
|
|
226
226
|
account_schema = JSON.parse( response.body )
|
227
|
-
|
228
227
|
Program.write_file("#{directory}/account-schemas/", "Account Schema - #{source['name']} - #{account_schema['objectType']}.json", JSON.pretty_generate( account_schema ) )
|
229
228
|
|
229
|
+
# When an account schema is null, we get a HTTP 400 Bad Request instead of null, empty or 204 No Content. We've raised a bug (IDNARSENAL-6274) on this.
|
230
|
+
# Until this returns something better, we'll protect our code and only output this only in debug mode. We don't want to error unnecessarily.
|
231
|
+
when Net::HTTPBadRequest
|
232
|
+
|
233
|
+
$log.debug "\tError: Unable to fetch account schema for source '#{source['name']}'. Received 400 Bad Request, likely due to empty or null schema."
|
234
|
+
|
230
235
|
else
|
236
|
+
|
231
237
|
$log.error "\tError: Unable to fetch account schema for source '#{source['name']}'."
|
238
|
+
|
232
239
|
end # case response
|
233
240
|
|
234
241
|
end # sources.each do |source|
|
@@ -236,7 +243,7 @@ s
|
|
236
243
|
end # unless sources.nil?
|
237
244
|
|
238
245
|
else
|
239
|
-
$log.error "\tError: Unable to
|
246
|
+
$log.error "\tError: Unable to retrieve sources."
|
240
247
|
end # case response
|
241
248
|
|
242
249
|
end
|
@@ -305,36 +312,65 @@ s
|
|
305
312
|
# Documents Account Schema configurations.
|
306
313
|
#
|
307
314
|
def self.doc
|
308
|
-
Markdown.h2( "Account Schemas" )
|
309
315
|
|
310
|
-
response = IDNAPI.get(
|
311
|
-
|
316
|
+
response = IDNAPI.get("#{$url}/cc/api/source/list", $token)
|
317
|
+
|
318
|
+
case response
|
319
|
+
when Net::HTTPSuccess
|
320
|
+
|
312
321
|
sources = JSON.parse( response.body )
|
313
322
|
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
323
|
+
unless sources.nil?
|
324
|
+
|
325
|
+
$log.info "\tRetrieved account schemas, across #{sources.count} sources."
|
326
|
+
|
327
|
+
Markdown.h2 "Account Schemas"
|
328
|
+
|
329
|
+
sources.each do |source|
|
330
|
+
|
331
|
+
$log.info "\tAccount Schema: #{source['name']}"
|
332
|
+
|
333
|
+
response = IDNAPI.get( "#{$url}/cc/api/source/getAccountSchema/#{source['id']}", $token )
|
334
|
+
|
335
|
+
case response
|
336
|
+
when Net::HTTPSuccess
|
337
|
+
|
338
|
+
account_schema = JSON.parse( response.body )
|
339
|
+
|
340
|
+
$log.info "\tAccount Schema: #{source["name"]} - #{account_schema["objectType"]}"
|
341
|
+
|
342
|
+
unless ( account_schema["attributes"].nil? || account_schema["attributes"].empty? )
|
343
|
+
Markdown.h3( "#{source["name"]}" )
|
344
|
+
Markdown.text( " - Object Type: #{account_schema["objectType"]}\n" )
|
345
|
+
Markdown.text( " - Account ID: #{account_schema["identityAttribute"]}\n" )
|
346
|
+
Markdown.text( " - Account Name: #{account_schema["displayAttribute"]}\n" )
|
347
|
+
Markdown.text( " - Group Attribute: #{account_schema["groupAttribute"]}\n\n" )
|
348
|
+
Markdown.text( "| Name | Description | Type | Multi-valued | Entitlement |\n" )
|
349
|
+
Markdown.text( "|------|-------------|------|--------------|-------------|\n" )
|
350
|
+
account_schema["attributes"].each do |attribute|
|
351
|
+
Markdown.text( "|#{attribute["name"]}|#{attribute["description"]}|#{attribute["type"]}|#{Program.humanize( attribute["entitlement"] )}|#{Program.humanize( attribute["multi"] )}|\n" )
|
352
|
+
end
|
333
353
|
end
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
|
354
|
+
|
355
|
+
# When an account schema is null, we get a HTTP 400 Bad Request instead of null, empty or 204 No Content. We've raised a bug (IDNARSENAL-6274) on this.
|
356
|
+
# Until this returns something better, we'll protect our code and only output this only in debug mode. We don't want to error unnecessarily.
|
357
|
+
when Net::HTTPBadRequest
|
358
|
+
|
359
|
+
$log.debug "\tError: Unable to fetch account schema for source '#{source['name']}'. Received 400 Bad Request, likely due to empty or null schema."
|
360
|
+
|
361
|
+
else
|
362
|
+
|
363
|
+
$log.error "\tError: Unable to fetch account schema for source '#{source['name']}'."
|
364
|
+
|
365
|
+
end # case response
|
366
|
+
|
367
|
+
end # sources.each do |source|
|
368
|
+
|
369
|
+
end # unless sources.nil?
|
370
|
+
|
371
|
+
else
|
372
|
+
$log.error "\tError: Unable to retrieve sources."
|
373
|
+
end # case response
|
338
374
|
|
339
375
|
Markdown.write
|
340
376
|
end
|
@@ -33,21 +33,36 @@ module AttributeSyncConfig
|
|
33
33
|
def self.export( directory )
|
34
34
|
|
35
35
|
response = IDNAPI.get( "#{$url}/cc/api/source/list", $token )
|
36
|
-
|
36
|
+
|
37
|
+
case response
|
38
|
+
when Net::HTTPSuccess
|
39
|
+
|
37
40
|
sources = JSON.parse( response.body )
|
38
41
|
|
39
|
-
$log.info "\
|
42
|
+
$log.info "\tRetrieved attribute sync config, across #{sources.count} sources."
|
40
43
|
|
41
44
|
sources.each do |source|
|
45
|
+
|
42
46
|
response = IDNAPI.get( "#{$url}/cc/api/source/getAttributeSyncConfig/#{source["id"]}", $token )
|
43
47
|
|
44
|
-
|
45
|
-
|
48
|
+
case response
|
49
|
+
when Net::HTTPSuccess
|
50
|
+
|
51
|
+
attribute_sync_config = JSON.parse( response.body )
|
52
|
+
|
46
53
|
$log.info "\tAttribute Sync Config: #{source["name"]}"
|
47
|
-
Program.write_file( "#{directory}/attribute-sync-config/", "Attribute Sync Config - #{source["name"]}.json", JSON.pretty_generate(
|
48
|
-
|
49
|
-
|
50
|
-
|
54
|
+
Program.write_file( "#{directory}/attribute-sync-config/", "Attribute Sync Config - #{source["name"]}.json", JSON.pretty_generate( attribute_sync_config ) )
|
55
|
+
|
56
|
+
else
|
57
|
+
$log.error "\tError: Unable to retrieve attribute sync config."
|
58
|
+
end # case response
|
59
|
+
|
60
|
+
end # sources.each do |source|s
|
61
|
+
|
62
|
+
else
|
63
|
+
$log.error "\tError: Unable to retrieve sources."
|
64
|
+
end # case response
|
65
|
+
|
51
66
|
end
|
52
67
|
|
53
68
|
#
|
@@ -89,33 +104,46 @@ module AttributeSyncConfig
|
|
89
104
|
#
|
90
105
|
def self.doc
|
91
106
|
|
92
|
-
Markdown.h2( "Attribute Sync Config" )
|
93
|
-
|
94
107
|
response = IDNAPI.get( "#{$url}/cc/api/source/list", $token )
|
95
108
|
|
96
|
-
|
109
|
+
case response
|
110
|
+
when Net::HTTPSuccess
|
97
111
|
|
98
112
|
sources = JSON.parse( response.body )
|
99
113
|
|
100
|
-
$log.info "\
|
114
|
+
$log.info "\tRetrieved attribute sync config, across #{sources.count} sources."
|
115
|
+
|
116
|
+
Markdown.h2 "Attribute Sync Config"
|
101
117
|
|
102
118
|
sources.each do |source|
|
103
119
|
|
104
120
|
response = IDNAPI.get( "#{$url}/cc/api/source/getAttributeSyncConfig/#{source["id"]}", $token )
|
105
|
-
syncAttributes = JSON.parse( response.body )
|
106
121
|
|
107
|
-
|
122
|
+
case response
|
123
|
+
when Net::HTTPSuccess
|
124
|
+
|
125
|
+
attribute_sync_config = JSON.parse( response.body )
|
108
126
|
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
Markdown.text( "
|
127
|
+
$log.info "\tAttribute Sync Config: #{source["name"]}"
|
128
|
+
|
129
|
+
unless ( attribute_sync_config.nil? || attribute_sync_config["syncAttributes"].nil? || attribute_sync_config["syncAttributes"].empty? )
|
130
|
+
Markdown.h3( "#{source["name"]}" )
|
131
|
+
Markdown.text( "| Account Attribute | Identity Attribute | Enabled? |\n" )
|
132
|
+
Markdown.text( "|-------------------|--------------------|----------|\n" )
|
133
|
+
attribute_sync_config["syncAttributes"].each do |sync_attribute|
|
134
|
+
Markdown.text( "|#{sync_attribute["targetAttribute"]}|#{sync_attribute["identityAttributeName"]}|#{Program.humanize( sync_attribute["enabled"] )}|\n" )
|
135
|
+
end
|
115
136
|
end
|
116
|
-
|
117
|
-
|
118
|
-
|
137
|
+
|
138
|
+
else
|
139
|
+
$log.error "\tError: Unable to retrieve attribute sync config."
|
140
|
+
end # case response
|
141
|
+
|
142
|
+
end # sources.each do |source|s
|
143
|
+
|
144
|
+
else
|
145
|
+
$log.error "\tError: Unable to retrieve sources."
|
146
|
+
end # case response
|
119
147
|
|
120
148
|
Markdown.write
|
121
149
|
end
|
data/lib/objects/branding.rb
CHANGED
@@ -18,7 +18,7 @@ module Branding
|
|
18
18
|
|
19
19
|
brands = JSON.parse( response.body )
|
20
20
|
|
21
|
-
$log.info "\
|
21
|
+
$log.info "\tRetrieved branding configurations."
|
22
22
|
|
23
23
|
brands['items'].each do |brand|
|
24
24
|
|
@@ -28,7 +28,7 @@ module Branding
|
|
28
28
|
end # brands['items'].each do |brand|
|
29
29
|
|
30
30
|
else
|
31
|
-
$log.error "\tError: Unable to
|
31
|
+
$log.error "\tError: Unable to retrieve branding."
|
32
32
|
end # case response
|
33
33
|
|
34
34
|
end
|