|
1
|
|
|
# frozen_string_literal: true |
|
2
|
|
|
|
|
3
|
|
|
require_relative '../mixin/entity' |
|
4
|
|
|
require_relative 'policy' |
|
5
|
|
|
require_relative 'public_key' |
|
6
|
|
|
require_relative 'private_key' |
|
7
|
|
|
require_relative 'privilege' |
|
8
|
|
|
|
|
9
|
|
|
module AMA |
|
10
|
|
|
module Chef |
|
11
|
|
|
module User |
|
12
|
|
|
module Model |
|
13
|
|
|
# Depicts linux user account |
|
14
|
|
|
# |
|
15
|
|
|
# Private and public keys are stored in { owner => { owner keys } } |
|
16
|
|
|
# structure (grouped by effective owner). |
|
17
|
|
|
# |
|
18
|
|
|
# @!attribute id |
|
19
|
|
|
# @return [Symbol] |
|
20
|
|
|
# @!attribute privileges |
|
21
|
|
|
# @return [Hash{Symbol, Privilege}] |
|
22
|
|
|
# @!attribute public_keys |
|
23
|
|
|
# @return [Hash{Symbol, Hash{Symbol, PublicKey}}] |
|
24
|
|
|
# @!attribute private_keys |
|
25
|
|
|
# @return [Hash{Symbol, Hash{Symbol, PrivateKey}] |
|
26
|
|
|
# @!attribute policy |
|
27
|
|
|
# @return [Symbol] :edit or :manage |
|
28
|
|
|
class Account |
|
29
|
|
|
include Mixin::Entity |
|
30
|
|
|
|
|
31
|
|
|
# rubocop:disable Metrics/LineLength |
|
32
|
|
|
attribute :id, Symbol |
|
33
|
|
|
attribute :privileges, [Hash, K: Symbol, V: Privilege], default: {} |
|
34
|
|
|
attribute :public_keys, [Hash, K: Symbol, V: [Hash, K: Symbol, V: PublicKey]], default: {} |
|
35
|
|
|
attribute :private_keys, [Hash, K: Symbol, V: [Hash, K: Symbol, V: PrivateKey]], default: {} |
|
36
|
|
|
attribute :policy, Policy, default: Policy::NONE |
|
37
|
|
|
# rubocop:enable Metrics/LineLength |
|
38
|
|
|
|
|
39
|
|
|
denormalizer_block do |input, type, context, &block| |
|
40
|
|
|
if input.is_a?(Hash) && [:id, 'id'].none? { |key| input.key?(key) } |
|
41
|
|
|
input[:id] = context.path.current.name |
|
42
|
|
|
end |
|
43
|
|
|
block.call(input, type, context) |
|
44
|
|
|
end |
|
45
|
|
|
|
|
46
|
|
|
def initialize(id = nil) |
|
47
|
|
|
@id = id |
|
48
|
|
|
@privileges = {} |
|
49
|
|
|
@public_keys = {} |
|
50
|
|
|
@private_keys = {} |
|
51
|
|
|
@policy = Policy::NONE |
|
52
|
|
|
end |
|
53
|
|
|
|
|
54
|
|
|
def policy=(policy) |
|
55
|
|
|
@policy = Policy.wrap(policy) |
|
56
|
|
|
end |
|
57
|
|
|
|
|
58
|
|
|
def public_keys!(client_id) |
|
59
|
|
|
public_keys[client_id] = {} unless public_keys.key?(client_id) |
|
60
|
|
|
public_keys[client_id] |
|
61
|
|
|
end |
|
62
|
|
|
|
|
63
|
|
|
def private_keys!(client_id) |
|
64
|
|
|
private_keys[client_id] = {} unless private_keys.key?(client_id) |
|
65
|
|
|
private_keys[client_id] |
|
66
|
|
|
end |
|
67
|
|
|
|
|
68
|
|
|
# rubocop:disable Metrics/AbcSize |
|
69
|
|
|
# @param [Account] other |
|
70
|
|
|
def merge(other) |
|
71
|
|
|
other.privileges.each do |type, privilege| |
|
72
|
|
|
privileges[type] = privilege unless privileges[type] |
|
73
|
|
|
privileges[type].options.merge!(privilege.options) |
|
74
|
|
|
end |
|
75
|
|
|
other.public_keys.each do |owner, keys| |
|
76
|
|
|
public_keys!(owner).merge!(keys) |
|
77
|
|
|
end |
|
78
|
|
|
other.private_keys.each do |owner, keys| |
|
79
|
|
|
private_keys!(owner).merge!(keys) |
|
80
|
|
|
end |
|
81
|
|
|
self.policy = [policy, other.policy].max |
|
82
|
|
|
self |
|
83
|
|
|
end |
|
84
|
|
|
# rubocop:enable Metrics/AbcSize |
|
85
|
|
|
|
|
86
|
|
|
def to_s |
|
87
|
|
|
"Account :#{id} { policy: :#{policy} }" |
|
88
|
|
|
end |
|
89
|
|
|
end |
|
90
|
|
|
end |
|
91
|
|
|
end |
|
92
|
|
|
end |
|
93
|
|
|
end |
|
94
|
|
|
|
ama-team /
cookbook-linux-user-management
