jgrouper 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/HISTORY.md +14 -0
- data/README.rdoc +7 -0
- data/bin/jgrouper-audit-archiver +2 -2
- data/bin/jgrouper-grant +107 -0
- data/lib/jgrouper/group.rb +20 -1
- data/lib/jgrouper/member.rb +5 -1
- data/lib/jgrouper/privilege.rb +62 -0
- data/lib/jgrouper/stem.rb +11 -3
- data/lib/jgrouper/subject.rb +58 -0
- data/lib/jgrouper/version.rb +1 -1
- data/lib/jgrouper.rb +18 -0
- metadata +7 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1d34d0e3926d5850e95ca673912825fae7f2d4d7
|
4
|
+
data.tar.gz: ef0be60e432fcddbf3245cc20988aa5fe2f48c86
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8f05bcf26ee9937fbcb84390de299457cff24f82071308d78c0ab2c600c1c4c0a2ceca64b154f861b7e2d4633ef3a63096461b0299c9ee2e04aa8a490a0cfee3
|
7
|
+
data.tar.gz: dc8d6104cb439831e5550c7829b386044d0c1aebf48db5ee7594627302510637b3700097b36563511284d14e4ae0c916d64bad7c4299e11f75047d350fc9bf90
|
data/Gemfile
CHANGED
data/HISTORY.md
CHANGED
@@ -1,6 +1,20 @@
|
|
1
1
|
JGrouper History
|
2
2
|
================
|
3
3
|
|
4
|
+
2013-06-27 JGrouper v0.3.0
|
5
|
+
--------------------------
|
6
|
+
* Add "bin/jgrouper-grant"
|
7
|
+
* Add *JGrouper::Group.find()*
|
8
|
+
* Add *JGrouper::Group.grant()*
|
9
|
+
* Add *JGrouper::Privilege*
|
10
|
+
* Add *JGrouper::Stem.grant()*
|
11
|
+
* Add *JGrouper::Subject*
|
12
|
+
* Improve *JGrouper::Stem.find()* error handling
|
13
|
+
* Fix various *to_s* bugs
|
14
|
+
* Fix *JGrouper::Member.find()* error handling
|
15
|
+
* Fix *JGrouper::Stem.stems()*
|
16
|
+
|
17
|
+
|
4
18
|
2013-05-17 JGrouper v0.2.0
|
5
19
|
--------------------------
|
6
20
|
* Add "-d directory" option to "jgrouper-audit-archiver"
|
data/README.rdoc
CHANGED
@@ -57,6 +57,13 @@ Export (some of the) Groups registry to CSV:
|
|
57
57
|
|
58
58
|
% jgrouper-exporter -h
|
59
59
|
|
60
|
+
Grant privileges:
|
61
|
+
|
62
|
+
% jgrouper-grant $group admin $subject
|
63
|
+
% jgrouper-grant $stem stem $subject
|
64
|
+
% jgrouper-grant -R $stem admin $subject
|
65
|
+
% jgrouper-grant -R $stem stem $subject
|
66
|
+
|
60
67
|
== Installation
|
61
68
|
|
62
69
|
Add this line to your application's Gemfile:
|
data/bin/jgrouper-audit-archiver
CHANGED
@@ -10,7 +10,7 @@ JGrouper::AuditArchiver.new do |archiver|
|
|
10
10
|
opts = OptionParser.new do |opts|
|
11
11
|
opts.banner = "USAGE: #{ File.basename(__FILE__) } [options]"
|
12
12
|
|
13
|
-
opts.on( '-d', '--directory DIR', 'Write output to this
|
13
|
+
opts.on( '-d', '--directory DIR', 'Write output to this directory [DEFAULT: .]' ) do |directory|
|
14
14
|
archiver.directory = directory
|
15
15
|
end
|
16
16
|
opts.on( '-n', '--number DAYS', Integer, 'Archive this many days [DEFAULT: 1]' ) do |number|
|
@@ -19,7 +19,7 @@ JGrouper::AuditArchiver.new do |archiver|
|
|
19
19
|
opts.on( '-s', '--skip COLUMNS', Array, 'Exclude these GROUPER_AUDIT_ENTRY comma-separated column names from archive [DEFAULT: none]' ) do |columns|
|
20
20
|
archiver.skip_columns = columns
|
21
21
|
end
|
22
|
-
opts.on( '-S', '--stop DATE', '
|
22
|
+
opts.on( '-S', '--stop DATE', 'Do not archive entries from this date onward [DEFAULT: none]' ) do |date|
|
23
23
|
archiver.stop_date = date
|
24
24
|
end
|
25
25
|
opts.on_tail('-h', '--help', "Show this message") do
|
data/bin/jgrouper-grant
ADDED
@@ -0,0 +1,107 @@
|
|
1
|
+
#!/usr/bin/env jruby
|
2
|
+
|
3
|
+
require 'jgrouper'
|
4
|
+
require 'optparse'
|
5
|
+
|
6
|
+
|
7
|
+
class MyApp
|
8
|
+
|
9
|
+
attr_accessor :recurse, :verbose
|
10
|
+
|
11
|
+
def initialize
|
12
|
+
@recurse = false
|
13
|
+
@verbose = false
|
14
|
+
yield self if block_given?
|
15
|
+
self
|
16
|
+
end
|
17
|
+
|
18
|
+
def grant(stem_or_group, privilege, subject)
|
19
|
+
raise 'ERROR: stem-or-group is nil' if stem_or_group.nil?
|
20
|
+
raise 'ERROR: privilege is nil' if stem_or_group.nil?
|
21
|
+
raise 'ERROR: subject is nil' if stem_or_group.nil?
|
22
|
+
|
23
|
+
priv = JGrouper::Privilege.find privilege
|
24
|
+
raise "ERROR: could not find privilege: #{privilege}" if priv.nil?
|
25
|
+
puts "found privilege: #{priv.to_s}" if verbose?
|
26
|
+
subj = JGrouper::Subject.find(subject)
|
27
|
+
raise "ERROR: could not find subject: #{subject}" if subj.nil?
|
28
|
+
puts "found subject: #{subj.to_s}" if verbose?
|
29
|
+
|
30
|
+
stem = JGrouper::Stem.find(stem_or_group)
|
31
|
+
return grant_stem(stem, priv, subj) unless stem.nil?
|
32
|
+
|
33
|
+
group = JGrouper::Group.find(stem_or_group)
|
34
|
+
return grant_group(group, priv, subj) unless group.nil?
|
35
|
+
|
36
|
+
raise "ERROR: could not find stem-or-group: #{stem_or_group}"
|
37
|
+
end
|
38
|
+
|
39
|
+
def recurse? ; @recurse ; end
|
40
|
+
def verbose? ; @verbose ; end
|
41
|
+
|
42
|
+
|
43
|
+
private
|
44
|
+
|
45
|
+
def grant_group(group, privilege, subject)
|
46
|
+
if privilege.naming?
|
47
|
+
warn 'WARNING: cannot grant naming privilege on group'
|
48
|
+
return false
|
49
|
+
end
|
50
|
+
|
51
|
+
puts "granting privilege #{privilege.name} to subject #{subject} on group #{group.name}" if verbose?
|
52
|
+
group.grant(subject, privilege)
|
53
|
+
end
|
54
|
+
|
55
|
+
def grant_stem(stem, privilege, subject)
|
56
|
+
if privilege.access?
|
57
|
+
unless recurse?
|
58
|
+
warn 'WARNING: cannot grant access privilege on stem without specifying -R'
|
59
|
+
return false
|
60
|
+
end
|
61
|
+
stem.groups do |group|
|
62
|
+
puts "granting privilege #{privilege.name} to subject #{subject} on group #{group.name}" if verbose?
|
63
|
+
group.grant(subject, privilege)
|
64
|
+
end
|
65
|
+
stem.stems { |child| grant_stem(child, privilege, subject) }
|
66
|
+
return
|
67
|
+
end
|
68
|
+
|
69
|
+
puts "granting privilege #{privilege.name} to subject #{subject} on stem #{stem.name}" if verbose?
|
70
|
+
stem.grant(subject, privilege)
|
71
|
+
stem.stems { |child| grant_stem(child, privilege, subject) } if recurse?
|
72
|
+
true
|
73
|
+
end
|
74
|
+
|
75
|
+
end
|
76
|
+
|
77
|
+
|
78
|
+
MyApp.new do |app|
|
79
|
+
|
80
|
+
opts = OptionParser.new do |opts|
|
81
|
+
opts.banner = "USAGE: #{ File.basename(__FILE__) } [options] <stem-or-group> <privilege> <subject>"
|
82
|
+
opts.on('-R', '--[no-]recurse', 'Recursively grant privileges [DEFAULT: no]') do |recurse|
|
83
|
+
app.recurse = recurse
|
84
|
+
end
|
85
|
+
opts.on_tail('-h', '--help', 'Show help') do
|
86
|
+
puts opts
|
87
|
+
exit
|
88
|
+
end
|
89
|
+
opts.on_tail('-v', '--[no-]verbose', 'Enable verbose mode [DEFAULT: no]') do |verbose|
|
90
|
+
app.verbose = verbose
|
91
|
+
end
|
92
|
+
end.parse!
|
93
|
+
|
94
|
+
# TODO DRY
|
95
|
+
if ENV['GROUPER_HOME']
|
96
|
+
JGrouper.home! ENV['GROUPER_HOME']
|
97
|
+
else
|
98
|
+
warn "ERROR: GROUPER_HOME not set"
|
99
|
+
exit 1
|
100
|
+
end
|
101
|
+
|
102
|
+
app.grant( ARGV.shift, ARGV.shift, ARGV.shift ) or exit 1
|
103
|
+
|
104
|
+
end
|
105
|
+
|
106
|
+
# vim: syntax=ruby
|
107
|
+
|
data/lib/jgrouper/group.rb
CHANGED
@@ -19,6 +19,25 @@ module JGrouper # :nodoc:
|
|
19
19
|
self
|
20
20
|
end
|
21
21
|
|
22
|
+
#
|
23
|
+
# Find Grouper group by name. Returns +JGrouper::Group+ or +nil+.
|
24
|
+
#
|
25
|
+
def self.find(name)
|
26
|
+
begin
|
27
|
+
obj = JGroupFinder.find_by_name GrouperSession.start_root_session, name, false
|
28
|
+
rescue => e
|
29
|
+
warn "JGrouper::Group.find(#{name}) => #{e}"
|
30
|
+
end
|
31
|
+
return nil if obj.nil?
|
32
|
+
group = self.new obj
|
33
|
+
yield group if block_given?
|
34
|
+
group
|
35
|
+
end
|
36
|
+
|
37
|
+
def grant(subject, privilege)
|
38
|
+
@obj.grantPriv subject.to_grouper, privilege.to_grouper, false
|
39
|
+
end
|
40
|
+
|
22
41
|
#
|
23
42
|
# For passing methods on to Grouper Group object.
|
24
43
|
#
|
@@ -34,7 +53,7 @@ module JGrouper # :nodoc:
|
|
34
53
|
|
35
54
|
def to_s
|
36
55
|
return nil if @obj.nil?
|
37
|
-
|
56
|
+
%w( name display_name uuid ).collect { |k| "#{k}=#{ self.send(k) }" }.to_csv.chomp
|
38
57
|
end
|
39
58
|
|
40
59
|
end
|
data/lib/jgrouper/member.rb
CHANGED
@@ -22,7 +22,11 @@ module JGrouper # :nodoc:
|
|
22
22
|
# Find Grouper member by UUID. Returns +JGrouper::Member+ or +nil+.
|
23
23
|
#
|
24
24
|
def self.find(uuid)
|
25
|
-
|
25
|
+
begin
|
26
|
+
m = MemberFinder.find_by_uuid GrouperSession.start_root_session, uuid, false
|
27
|
+
rescue => e
|
28
|
+
warn "JGrouper::Member.find(#{uuid}) => #{e}"
|
29
|
+
end
|
26
30
|
return nil if m.nil?
|
27
31
|
member = self.new m
|
28
32
|
yield member if block_given?
|
@@ -0,0 +1,62 @@
|
|
1
|
+
module JGrouper # :nodoc:
|
2
|
+
|
3
|
+
#
|
4
|
+
# = JGrouper::Privilege - Grouper Privilee
|
5
|
+
#
|
6
|
+
# == Usage
|
7
|
+
#
|
8
|
+
# require 'jgrouper'
|
9
|
+
#
|
10
|
+
# priv = JGrouper::Privilege.find name
|
11
|
+
#
|
12
|
+
class Privilege
|
13
|
+
|
14
|
+
# TODO
|
15
|
+
def initialize( obj = nil )
|
16
|
+
@obj = obj
|
17
|
+
yield self if block_given?
|
18
|
+
self
|
19
|
+
end
|
20
|
+
|
21
|
+
#
|
22
|
+
# Find Grouper privilege by name. Returns +JGrouper::Privilege+ or +nil+.
|
23
|
+
#
|
24
|
+
def self.find(name)
|
25
|
+
begin
|
26
|
+
priv = JPrivilege.getInstance name
|
27
|
+
rescue => e
|
28
|
+
warn "JGrouper::Privilege.find(#{name}) => #{e}"
|
29
|
+
end
|
30
|
+
return nil if priv.nil?
|
31
|
+
privilege = self.new priv
|
32
|
+
yield privilege if block_given?
|
33
|
+
privilege
|
34
|
+
end
|
35
|
+
|
36
|
+
#
|
37
|
+
# For passing methods on to Grouper subject object.
|
38
|
+
#
|
39
|
+
def method_missing(meth, *args, &block)
|
40
|
+
super if @obj.nil?
|
41
|
+
begin
|
42
|
+
block.call @obj.send(meth, *args) if block
|
43
|
+
@obj.send(meth, *args)
|
44
|
+
rescue NoMethodError
|
45
|
+
super
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
def access?; JPrivilege.isAccess(@obj); end
|
50
|
+
def naming?; JPrivilege.isNaming(@obj); end
|
51
|
+
def type; access? ? :access : :naming; end
|
52
|
+
|
53
|
+
def to_grouper; @obj; end
|
54
|
+
|
55
|
+
def to_s
|
56
|
+
return nil if @obj.nil?
|
57
|
+
%w( name type ).collect { |k| "#{k}=#{ self.send(k) }" }.to_csv.chomp
|
58
|
+
end
|
59
|
+
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
data/lib/jgrouper/stem.rb
CHANGED
@@ -23,13 +23,21 @@ module JGrouper # :nodoc:
|
|
23
23
|
# Find Grouper stem by name. Returns +JGrouper::Stem+ or +nil+.
|
24
24
|
#
|
25
25
|
def self.find(name)
|
26
|
-
|
26
|
+
begin
|
27
|
+
obj = StemFinder.find_by_name GrouperSession.start_root_session, name, false
|
28
|
+
rescue => e
|
29
|
+
warn "JGrouper::Group.find(#{name}) => #{e}"
|
30
|
+
end
|
27
31
|
return nil if obj.nil?
|
28
32
|
stem = self.new obj
|
29
33
|
yield stem if block_given?
|
30
34
|
stem
|
31
35
|
end
|
32
36
|
|
37
|
+
def grant(subject, privilege)
|
38
|
+
@obj.grantPriv subject.to_grouper, privilege.to_grouper, false
|
39
|
+
end
|
40
|
+
|
33
41
|
#
|
34
42
|
# Yield child groups.
|
35
43
|
#
|
@@ -70,7 +78,7 @@ module JGrouper # :nodoc:
|
|
70
78
|
#
|
71
79
|
def stems
|
72
80
|
@obj.child_stems.collect do |child|
|
73
|
-
s = self.new child
|
81
|
+
s = self.class.new child
|
74
82
|
yield s if block_given?
|
75
83
|
s
|
76
84
|
end
|
@@ -78,7 +86,7 @@ module JGrouper # :nodoc:
|
|
78
86
|
|
79
87
|
def to_s
|
80
88
|
return nil if @obj.nil?
|
81
|
-
|
89
|
+
%w( name display_name uuid ).collect { |k| "#{k}=#{ self.send(k) }" }.to_csv.chomp
|
82
90
|
end
|
83
91
|
|
84
92
|
end
|
@@ -0,0 +1,58 @@
|
|
1
|
+
module JGrouper # :nodoc:
|
2
|
+
|
3
|
+
#
|
4
|
+
# = JGrouper::Subject - Grouper Subject
|
5
|
+
#
|
6
|
+
# == Usage
|
7
|
+
#
|
8
|
+
# require 'jgrouper'
|
9
|
+
#
|
10
|
+
# subj = JGrouper::Subject.find id_or_identifier
|
11
|
+
#
|
12
|
+
class Subject
|
13
|
+
|
14
|
+
# TODO
|
15
|
+
def initialize( obj = nil )
|
16
|
+
@obj = obj
|
17
|
+
yield self if block_given?
|
18
|
+
self
|
19
|
+
end
|
20
|
+
|
21
|
+
#
|
22
|
+
# Find Grouper subject by id-or-identifier. Returns +JGrouper::Subject+ or +nil+.
|
23
|
+
#
|
24
|
+
def self.find(id_or_identifier)
|
25
|
+
begin
|
26
|
+
subj = SubjectFinder.find_by_id_or_identifier id_or_identifier, false
|
27
|
+
rescue => e
|
28
|
+
warn "JGrouper::Subject.find(#{id_or_identifier}) => #{e}"
|
29
|
+
end
|
30
|
+
return nil if subj.nil?
|
31
|
+
subject = self.new subj
|
32
|
+
yield subject if block_given?
|
33
|
+
subject
|
34
|
+
end
|
35
|
+
|
36
|
+
#
|
37
|
+
# For passing methods on to Grouper subject object.
|
38
|
+
#
|
39
|
+
def method_missing(meth, *args, &block)
|
40
|
+
super if @obj.nil?
|
41
|
+
begin
|
42
|
+
block.call @obj.send(meth, *args) if block
|
43
|
+
@obj.send(meth, *args)
|
44
|
+
rescue NoMethodError
|
45
|
+
super
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
def to_grouper; @obj; end
|
50
|
+
|
51
|
+
def to_s
|
52
|
+
return nil if @obj.nil?
|
53
|
+
%w( id type_name source_id name ).collect { |k| "#{k}=#{ self.send(k) }" }.to_csv.chomp
|
54
|
+
end
|
55
|
+
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
data/lib/jgrouper/version.rb
CHANGED
data/lib/jgrouper.rb
CHANGED
@@ -2,7 +2,9 @@ require 'java'
|
|
2
2
|
|
3
3
|
require 'jgrouper/group'
|
4
4
|
require 'jgrouper/member'
|
5
|
+
require 'jgrouper/privilege'
|
5
6
|
require 'jgrouper/stem'
|
7
|
+
require 'jgrouper/subject'
|
6
8
|
require 'jgrouper/version'
|
7
9
|
|
8
10
|
#
|
@@ -65,6 +67,13 @@ require 'jgrouper/version'
|
|
65
67
|
#
|
66
68
|
# % jgrouper-exporter -h
|
67
69
|
#
|
70
|
+
# Grant privileges:
|
71
|
+
#
|
72
|
+
# % jgrouper-grant $group admin $subject
|
73
|
+
# % jgrouper-grant $stem stem $subject
|
74
|
+
# % jgrouper-grant -R $stem admin $subject
|
75
|
+
# % jgrouper-grant -R $stem stem $subject
|
76
|
+
#
|
68
77
|
# == Installation
|
69
78
|
#
|
70
79
|
# Add this line to your application's Gemfile:
|
@@ -120,7 +129,16 @@ module JGrouper
|
|
120
129
|
edu.internet2.middleware.grouper.GrouperSession
|
121
130
|
edu.internet2.middleware.grouper.MemberFinder
|
122
131
|
edu.internet2.middleware.grouper.StemFinder
|
132
|
+
edu.internet2.middleware.grouper.SubjectFinder
|
123
133
|
).each { |klass| java_import klass }
|
134
|
+
|
135
|
+
# TODO Do this for everything?
|
136
|
+
%w(
|
137
|
+
edu.internet2.middleware.grouper.GroupFinder
|
138
|
+
edu.internet2.middleware.grouper.privs.Privilege
|
139
|
+
).each do |klass|
|
140
|
+
java_import klass do |pkg, cls| "J#{cls}"; end
|
141
|
+
end
|
124
142
|
end
|
125
143
|
|
126
144
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jgrouper
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- blair christensen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2013-
|
11
|
+
date: 2013-06-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -58,6 +58,7 @@ email:
|
|
58
58
|
executables:
|
59
59
|
- jgrouper-audit-archiver
|
60
60
|
- jgrouper-export
|
61
|
+
- jgrouper-grant
|
61
62
|
extensions: []
|
62
63
|
extra_rdoc_files: []
|
63
64
|
files:
|
@@ -71,13 +72,16 @@ files:
|
|
71
72
|
- TODO.md
|
72
73
|
- bin/jgrouper-audit-archiver
|
73
74
|
- bin/jgrouper-export
|
75
|
+
- bin/jgrouper-grant
|
74
76
|
- jgrouper.gemspec
|
75
77
|
- lib/jgrouper.rb
|
76
78
|
- lib/jgrouper/audit_archiver.rb
|
77
79
|
- lib/jgrouper/exporter.rb
|
78
80
|
- lib/jgrouper/group.rb
|
79
81
|
- lib/jgrouper/member.rb
|
82
|
+
- lib/jgrouper/privilege.rb
|
80
83
|
- lib/jgrouper/stem.rb
|
84
|
+
- lib/jgrouper/subject.rb
|
81
85
|
- lib/jgrouper/version.rb
|
82
86
|
homepage: https://github.com/blairc/jgrouper/
|
83
87
|
licenses:
|
@@ -99,7 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
99
103
|
version: '0'
|
100
104
|
requirements: []
|
101
105
|
rubyforge_project:
|
102
|
-
rubygems_version: 2.0.
|
106
|
+
rubygems_version: 2.0.2
|
103
107
|
signing_key:
|
104
108
|
specification_version: 4
|
105
109
|
summary: JRuby wrapper around the Internet2 Grouper API
|