pe_rbac 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 503aa91d25ea3f71e9e459d699ba276b157ed71a
-  data.tar.gz: ad6d237d94f56cea3db6a25d899e724a442326f2
+  metadata.gz: 266be559cde84b8032eb2be288d4d1c242462b18
+  data.tar.gz: d6da43d016da4d442b7b00e02b9e71d8009cfa1d
 SHA512:
-  metadata.gz: cf191ff1d1b9cc99a622d6092cd740f4c96393a226e23e6cbeee44feafd6627746d185b3b69eedcbbb0e9673e316c3deaacc731fb5c088a00e196f1bdba0ba43
-  data.tar.gz: 8a20606fb82623317e05c1529da42d6cca1055ca515a94e768e3b6ea96c22ddf8e3355d92df91411608a4bd721c1b156d540a60bb75274cc0a3055bb7d9545d3
+  metadata.gz: 4d7eafbff0ac9c6537e6291118ccb6c93553a09743cfb8283cd73d294af921ceca3cfd2937f7d9fedda25d7daee598b4f167490978b5256c48529459abb61904
+  data.tar.gz: ae910cb3e886636b5594dc9aff9b1d61b15574028b877b791cfd54776c38868f7d38e041c0e53057e2f995d0f4bafae7d7e2f00ee4869835bc7cb50341214ff2

data/README.md

@@ -36,8 +36,9 @@ Or install it yourself as:
 ```
 pe_rbac  code_manager --password t0ps3cret
 ```
-Right now, the command line just provides a means to setup code manager.  If you
-want to do more then this, you must use the Ruby API
+Generate a token which can be used to deploy code using Code Manager.  
+
+* If you omit `--password`, then a random password will be chosen for you.
 
 ### Generating a token to use for ro/rw access to PuppetDB API
 ```
@@ -48,6 +49,8 @@ pe_rbac puppetdb --password t0ps3cret
 pe_rbac puppetdb --allow-write --password t0ps3cret
 ```
 
+* If you omit `--password`, then a random password will be chosen for you.
+
 ### Resetting a user password
 ```
 pe_rbac reset_password
@@ -59,6 +62,8 @@ pe_rbac reset_password --username foo --password 12345678
 ```
 Reset the password for the `foo` user to `12345678`
 
+* If you omit `--password`, then a random password will be chosen for you.
+
 ### Ruby API
 A Ruby API exists, see code for more info.  For the moment this code does what I want, but may extend to cover new features as requred.
 

data/example.rb

@@ -44,8 +44,8 @@ begin
     "instance"   => nil,
   }
   PeRbac::update_role('Code Deployers', permissions=perms)
-  PeRbac::ensure_user('psquared', 'root@localhost', 'psquared', 'changeme', role_id)
-  PeRbac::login('psquared', 'changeme', '10y')
+  PeRbac::ensure_user('psquared', 'root@localhost', 'psquared', 't0ps3cret', role_id)
+  PeRbac::login('psquared', 't0ps3cret', '10y')
 
   # what permissions are there?
   resp = PeRbac::get_permissions

data/exe/pe_rbac

@@ -19,7 +19,9 @@ require 'pe_rbac/action'
 require 'pe_rbac/core'
 require 'pe_rbac/role'
 require 'pe_rbac/user'
+require 'pe_rbac/version'
 require 'escort'
+require 'securerandom'
 
 # display help if nothing specified
 ARGV.push('-h') if ARGV.empty?
@@ -67,9 +69,9 @@ Escort::App.create do |app|
         :default => 'deploy'
       )
       opts.opt(:password,
-        'Initial password for deploy user',
+        'Initial password for deploy user (default is to randomly generate)',
         :long    => '--password',
-        :default => 'changeme'
+        :default => SecureRandom.hex
       )
       opts.opt(:email,
         'Email address',
@@ -142,7 +144,7 @@ Escort::App.create do |app|
       opts.opt(:password,
         'Initial password for deploy user',
         :long     => '--password',
-        :default  => 'changeme'
+        :default  => SecureRandom.hex,
       )
       opts.opt(:email,
         'Email address',
@@ -188,7 +190,7 @@ Escort::App.create do |app|
       opts.opt(:password,
         'Password to reset to',
         :long     => '--password',
-        :default  => 'changeme'
+        :default  => SecureRandom.hex,
       )
     end
   end

data/lib/pe_rbac/action.rb

@@ -55,7 +55,7 @@ module PeRbac
       status = false
       if user_id
         # get password reset token
-        reset_token = PeRbac::Core::request(:post, "/users/#{user_id}/password/reset")
+        reset_token = PeRbac::Core::request(:post, "/users/#{user_id}/password/reset").body
 
         # reset password
         PeRbac::Core::request(:post, '/auth/reset', {

data/lib/pe_rbac/core.rb

@@ -83,12 +83,15 @@ module PeRbac
                                ssl_ca_file: conf[:cacert],
                                ssl_version: :TLSv1_2)
         result = connection.request(method: method,
-                                    headers: {content_type: "application/json", accept: "application/json"},
+                                    headers: {"content-type"=> "application/json", "accept"=>"application/json"},
                                     body: _payload)
-        if result.status >= 300
+        if result.status >= 400
           # There doesn't seem to be a built-in way to check for error codes
           # without individually specifying each allowable 'good' status (:expect..)
-          # so lets just check for anything that smells bad
+          # so lets just check for anything that smells bad.  Note that the API
+          # sometimes gives us a 3xx code but there doesn't seem to be a need
+          # for us to follow the redirection...
+          Escort::Logger.error.error "Error #{result.status} encountered for '#{url}':  Requested '#{_payload}', got '#{result.body}'"
           result = false
         end
       rescue Excon::Error => e

data/lib/pe_rbac/version.rb

@@ -15,5 +15,5 @@
 # limitations under the License.
 
 module PeRbac
-  VERSION = "1.0.0"
+  VERSION = "1.1.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pe_rbac
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Geoff Williams
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-09-09 00:00:00.000000000 Z
+date: 2017-09-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler