rs_user_policy 0.1.9 → 0.1.10

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    Y2FhODMxNzIwNjgwYmE3Y2UzOGZhZDUwNzNlMzU4N2NmM2U5ZGNhYw==
+  data.tar.gz: !binary |-
+    YzNiMTRjYmM0N2Y1ZDI4NGEwYThmNGY5ZDc0Zjc5MmQyY2MzYWRjMQ==
+SHA512:
+  metadata.gz: !binary |-
+    Nzk5N2I2MDk4NDg5YzUwMGRjMWMzMWRmNDZjNDFkZGEwYjgyNmFkNTQ1OGU5
+    MmJkZTFkNTM1YTM2YjY2ZmNjZTM3MmE3MDdkZGJlY2E1NmY1MDcyNTY1ZDdk
+    MzgyZTNkYjA0YmE3YWM3ZjlkYTczYWIxNjhlOWM4YzQ0NWI5NmE=
+  data.tar.gz: !binary |-
+    OTVhYjg5OGJjMzJlM2QzMzJjMWVjYzllNDgyYjcwMWM2YTYyNzNkZTE3ODdm
+    MTM2NTY2ODlhZmIzMjBjNzNhZTFlMDVlYmZhODMyYWUyZGQ3ZWNiYWM4YjY4
+    N2QzMjgwNmExYTYwMzJjMWZjZDdhMzNiMjc3YzJhODdhYWMyMWE=

data/README.rdoc

@@ -135,6 +135,7 @@ Second is the user_assignments-<timestamp>.json file.  This will be a combinatio
 * Perhaps allow a role to inherit from another, or be a concatenation of several?
 * Provide a mechanism for "temporary" users with an expiration date
   * Perhaps allow the user to enter a different role after the expiration date, rather than being removed completely?
+* Optionally bail out when provided user_assignments file cannot be parsed. bin/rs_user_policy:75
 
 == Copyright
 

data/bin/rs_user_policy

@@ -46,6 +46,8 @@ opts = Trollop::options do
   opt :rs_acct_num, "A RightScale Enterprise Master Account ID", :type => :string, :multi => true, :required => true
   opt :policy, "The path to a JSON file containing the role to permissions policy to enforce", :type => :string, :required => true
   opt :user_assignments, "The path to a JSON file containing email address => role pairs for user assignments", :type => :string
+  opt :empty_user_assignments_fatal, "A flag which asserts that the provided user_assigments should contain at least one user_assignment mapping.  If there are 0 user assignments found, rs_user_policy will terminate."
+  opt :audit_dir, "A directory where audit logs will be stored. By default this is the current working directory.", :type => :string
   opt :dry_run, "A flag indicating that no changes should be made, only the user_assignments.json should be evaluated (or created) and the audit_log.json produced"
   opt :authority, "A flag indicating that all users in the user_assignments file \"MUST\" exist, and will always be created.  Effectively asserting that the user_assignments is your canonical authority for users."
 end
@@ -72,7 +74,13 @@ end
 user_assignments_options = opts[:user_assignments] ? { :filename => opts[:user_assignments] } : {}
 user_assignments = RsUserPolicy::UserAssignments::JsonUserAssignments.new(user_assignments_options)
 if user_assignments.length == 0
-  log.warn("No user_assignments file was specified or the file could not be found.  All users will be treated as immutable and written to the user_assigments output file.")
+  if(opts[:empty_user_assignments_fatal])
+    log.fatal("There were 0 user_assigments from filename #{opts[:user_assigments]}.  Exitting due to empty_user_assigments_fatal being set.")
+    exit 1
+  else
+    log.warn("No user_assignments file was specified or the file could not be found.  All users will be treated as immutable and written to the user_assigments output file.")
+  end
+
 end
 
 user_collection = RsUserPolicy::UserCollection.new
@@ -187,4 +195,4 @@ end unless opts[:dry_run]
 user_assignments.serialize(:filename => user_assignments_output)
 audit_log.write_file
 
-exit exit_code
+exit exit_code

data/lib/rs_user_policy/audit_log.rb

@@ -29,10 +29,23 @@ module RsUserPolicy
     # @param [Hash] options A hash of options that impact the audit log filename.
     # @option options [String] :timestamp The timestamp to append to the filename
     # @option options [Bool] :dry_run A boolean indicating if this is a dry run
+    # @option options [String] :audit_dir The directory where the audit log should be created
     def initialize(options={})
       timestamp = options[:timestamp] || Time.now.to_i
       @audit_log = {}
-      @filename = "audit_log#{options[:dry_run] ? '_dryrun' : ''}-#{timestamp}.json"
+      @filename = ''
+
+      if options[:audit_dir]
+        @filename << ::File.join(options[:audit_dir], 'audit_log')
+      else
+        @filename << 'audit_log'
+      end
+
+      if options[:dry_run]
+        @filename << '_dryrun'
+      end
+
+      @filename << "-#{timestamp}.json"
     end
 
     # Adds a new entry to the audit log
@@ -56,4 +69,4 @@ module RsUserPolicy
       File.open(@filename, 'w') {|f| f.write(JSON.pretty_generate(@audit_log))}
     end
   end
-end
+end

data/lib/rs_user_policy/user_assignments/json_user_assignments.rb

@@ -36,9 +36,6 @@ module RsUserPolicy
       # @option options [Hash] :json A hash containing the user assignments
       # @option options [String] :json_str A JSON string containing the user assignments
       # @option options [String] :filename Path and filename to a file containing the user assignments in JSON
-      #
-      # @raise [Errno::ENOENT] If :filename was specified but the policy file does not exist
-      # @raise [JSON::ParserError] If the policy is not valid JSON
       def initialize(options={})
         begin
           if options.has_key?(:json)
@@ -140,4 +137,4 @@ module RsUserPolicy
       end
     end
   end
-end
+end

metadata

@@ -1,20 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: rs_user_policy
 version: !ruby/object:Gem::Version
-  version: 0.1.9
-  prerelease: 
+  version: 0.1.10
 platform: ruby
 authors:
 - Ryan J. Geyer
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-10-03 00:00:00.000000000 Z
+date: 2014-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: right_api_client
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - '='
       - !ruby/object:Gem::Version
@@ -30,7 +27,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: trollop
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -41,7 +37,6 @@ dependencies:
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
@@ -57,6 +52,10 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- LICENSE.txt
+- README.rdoc
+- bin/rs_user_policy
+- lib/rs_user_policy.rb
 - lib/rs_user_policy/audit_log.rb
 - lib/rs_user_policy/policy/json_policy.rb
 - lib/rs_user_policy/policy/policy.rb
@@ -67,40 +66,29 @@ files:
 - lib/rs_user_policy/user_assignments/user_assignments.rb
 - lib/rs_user_policy/user_collection.rb
 - lib/rs_user_policy/utilities.rb
-- lib/rs_user_policy.rb
-- bin/rs_user_policy
-- LICENSE.txt
-- README.rdoc
 homepage: https://github.com/rgeyer/rs_user_policy
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 1521006983899305700
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 1521006983899305700
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.25
+rubygems_version: 2.2.2
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Manages users across many different child accounts of a RightScale Enterprise
   Master Account
 test_files: []