pe_rbac 1.0.0 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 503aa91d25ea3f71e9e459d699ba276b157ed71a
4
- data.tar.gz: ad6d237d94f56cea3db6a25d899e724a442326f2
3
+ metadata.gz: 266be559cde84b8032eb2be288d4d1c242462b18
4
+ data.tar.gz: d6da43d016da4d442b7b00e02b9e71d8009cfa1d
5
5
  SHA512:
6
- metadata.gz: cf191ff1d1b9cc99a622d6092cd740f4c96393a226e23e6cbeee44feafd6627746d185b3b69eedcbbb0e9673e316c3deaacc731fb5c088a00e196f1bdba0ba43
7
- data.tar.gz: 8a20606fb82623317e05c1529da42d6cca1055ca515a94e768e3b6ea96c22ddf8e3355d92df91411608a4bd721c1b156d540a60bb75274cc0a3055bb7d9545d3
6
+ metadata.gz: 4d7eafbff0ac9c6537e6291118ccb6c93553a09743cfb8283cd73d294af921ceca3cfd2937f7d9fedda25d7daee598b4f167490978b5256c48529459abb61904
7
+ data.tar.gz: ae910cb3e886636b5594dc9aff9b1d61b15574028b877b791cfd54776c38868f7d38e041c0e53057e2f995d0f4bafae7d7e2f00ee4869835bc7cb50341214ff2
data/README.md CHANGED
@@ -36,8 +36,9 @@ Or install it yourself as:
36
36
  ```
37
37
  pe_rbac code_manager --password t0ps3cret
38
38
  ```
39
- Right now, the command line just provides a means to setup code manager. If you
40
- want to do more then this, you must use the Ruby API
39
+ Generate a token which can be used to deploy code using Code Manager.
40
+
41
+ * If you omit `--password`, then a random password will be chosen for you.
41
42
 
42
43
  ### Generating a token to use for ro/rw access to PuppetDB API
43
44
  ```
@@ -48,6 +49,8 @@ pe_rbac puppetdb --password t0ps3cret
48
49
  pe_rbac puppetdb --allow-write --password t0ps3cret
49
50
  ```
50
51
 
52
+ * If you omit `--password`, then a random password will be chosen for you.
53
+
51
54
  ### Resetting a user password
52
55
  ```
53
56
  pe_rbac reset_password
@@ -59,6 +62,8 @@ pe_rbac reset_password --username foo --password 12345678
59
62
  ```
60
63
  Reset the password for the `foo` user to `12345678`
61
64
 
65
+ * If you omit `--password`, then a random password will be chosen for you.
66
+
62
67
  ### Ruby API
63
68
  A Ruby API exists, see code for more info. For the moment this code does what I want, but may extend to cover new features as requred.
64
69
 
data/example.rb CHANGED
@@ -44,8 +44,8 @@ begin
44
44
  "instance" => nil,
45
45
  }
46
46
  PeRbac::update_role('Code Deployers', permissions=perms)
47
- PeRbac::ensure_user('psquared', 'root@localhost', 'psquared', 'changeme', role_id)
48
- PeRbac::login('psquared', 'changeme', '10y')
47
+ PeRbac::ensure_user('psquared', 'root@localhost', 'psquared', 't0ps3cret', role_id)
48
+ PeRbac::login('psquared', 't0ps3cret', '10y')
49
49
 
50
50
  # what permissions are there?
51
51
  resp = PeRbac::get_permissions
data/exe/pe_rbac CHANGED
@@ -19,7 +19,9 @@ require 'pe_rbac/action'
19
19
  require 'pe_rbac/core'
20
20
  require 'pe_rbac/role'
21
21
  require 'pe_rbac/user'
22
+ require 'pe_rbac/version'
22
23
  require 'escort'
24
+ require 'securerandom'
23
25
 
24
26
  # display help if nothing specified
25
27
  ARGV.push('-h') if ARGV.empty?
@@ -67,9 +69,9 @@ Escort::App.create do |app|
67
69
  :default => 'deploy'
68
70
  )
69
71
  opts.opt(:password,
70
- 'Initial password for deploy user',
72
+ 'Initial password for deploy user (default is to randomly generate)',
71
73
  :long => '--password',
72
- :default => 'changeme'
74
+ :default => SecureRandom.hex
73
75
  )
74
76
  opts.opt(:email,
75
77
  'Email address',
@@ -142,7 +144,7 @@ Escort::App.create do |app|
142
144
  opts.opt(:password,
143
145
  'Initial password for deploy user',
144
146
  :long => '--password',
145
- :default => 'changeme'
147
+ :default => SecureRandom.hex,
146
148
  )
147
149
  opts.opt(:email,
148
150
  'Email address',
@@ -188,7 +190,7 @@ Escort::App.create do |app|
188
190
  opts.opt(:password,
189
191
  'Password to reset to',
190
192
  :long => '--password',
191
- :default => 'changeme'
193
+ :default => SecureRandom.hex,
192
194
  )
193
195
  end
194
196
  end
@@ -55,7 +55,7 @@ module PeRbac
55
55
  status = false
56
56
  if user_id
57
57
  # get password reset token
58
- reset_token = PeRbac::Core::request(:post, "/users/#{user_id}/password/reset")
58
+ reset_token = PeRbac::Core::request(:post, "/users/#{user_id}/password/reset").body
59
59
 
60
60
  # reset password
61
61
  PeRbac::Core::request(:post, '/auth/reset', {
data/lib/pe_rbac/core.rb CHANGED
@@ -83,12 +83,15 @@ module PeRbac
83
83
  ssl_ca_file: conf[:cacert],
84
84
  ssl_version: :TLSv1_2)
85
85
  result = connection.request(method: method,
86
- headers: {content_type: "application/json", accept: "application/json"},
86
+ headers: {"content-type"=> "application/json", "accept"=>"application/json"},
87
87
  body: _payload)
88
- if result.status >= 300
88
+ if result.status >= 400
89
89
  # There doesn't seem to be a built-in way to check for error codes
90
90
  # without individually specifying each allowable 'good' status (:expect..)
91
- # so lets just check for anything that smells bad
91
+ # so lets just check for anything that smells bad. Note that the API
92
+ # sometimes gives us a 3xx code but there doesn't seem to be a need
93
+ # for us to follow the redirection...
94
+ Escort::Logger.error.error "Error #{result.status} encountered for '#{url}': Requested '#{_payload}', got '#{result.body}'"
92
95
  result = false
93
96
  end
94
97
  rescue Excon::Error => e
@@ -15,5 +15,5 @@
15
15
  # limitations under the License.
16
16
 
17
17
  module PeRbac
18
- VERSION = "1.0.0"
18
+ VERSION = "1.1.0"
19
19
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pe_rbac
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Geoff Williams
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-09-09 00:00:00.000000000 Z
11
+ date: 2017-09-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler