#!/usr/bin/env rubyrequire 'pp'SCOPE_USERS = { admin: 'admin', read_only_a

1. #!/usr/bin/env ruby
2.  
3. require 'pp'
4.  
5. SCOPE_USERS = {
6. admin: 'admin',
7. read_only_admin: 'read_only_admin',
8. global_auditor: 'global_auditor',
9. }
10.  
11. SPACE_ROLE_USERS = {
12. space_developer: 'SpaceDeveloper',
13. space_manager: 'SpaceManager',
14. space_auditor: 'SpaceAuditor',
15. }
16.  
17. ORG_ROLE_USERS = {
18. org_manager: 'OrgManager',
19. org_auditor: 'OrgAuditor',
20. org_billing_manager: 'BillingManager',
21. }
22.  
23. SUPER_SECURE_PASSWORD='password'
24. SPACE_NAME='space'
25. ORG_NAME='org'
26.  
27. AFFIRMATIONS = ['yes', 'yes, please', 'yes please', '1', 'true']
28.  
29. def main
30. api=ARGV[0]
31. admin_secret=ARGV[1]
32. command=ARGV[2]
33. unless api && admin_secret && command
34. puts 'Usage: SEED_USERS="yes, please" ./user_array <api> <admin secret> "<command>"'
35. exit(1)
36. end
37.  
38. setup_users(admin_secret) if AFFIRMATIONS.include? ENV['SEED_USERS']
39. do_the_thing(api, command, admin_secret)
40. end
41.  
42. def setup_users(admin_secret)
43. puts 'Seeding Users!'
44. setup_scope_users(admin_secret)
45. setup_role_users
46. end
47.  
48. def setup_scope_users(admin_secret)
49. SCOPE_USERS.each do |name, scope|
50. `uaac token client get admin -s #{admin_secret}`
51. `uaac user add #{name} -p #{SUPER_SECURE_PASSWORD}`
52. `uaac group add cloud_controller.#{scope}`
53. `uaac member add cloud_controller.#{scope} #{name}`
54. `cf create-user #{name} #{SUPER_SECURE_PASSWORD}`
55. end
56. end
57.  
58. def setup_role_users
59. SPACE_ROLE_USERS.each do |name, role|
60. `cf create-user #{name} #{SUPER_SECURE_PASSWORD}`
61. `cf set-space-role #{name} #{ORG_NAME} #{SPACE_NAME} #{role}`
62. end
63.  
64. ORG_ROLE_USERS.each do |name, role|
65. `cf create-user #{name} #{SUPER_SECURE_PASSWORD}`
66. `cf set-org-role #{name} #{ORG_NAME} #{role}`
67. end
68. end
69.  
70. RESPONSE_CODE_REGEX = /1\.1 (\d+) \w+/
71. CF_HOME_DIR = '/tmp/user_array'
72.  
73. def do_the_thing(api, command, admin_secret)
74. `mkdir -p #{CF_HOME_DIR}`
75. `CF_HOME=#{CF_HOME_DIR} cf api #{api} --skip-ssl-validation`
76.  
77. all_users = SCOPE_USERS.keys + SPACE_ROLE_USERS.keys + ORG_ROLE_USERS.keys
78. results = all_users.collect do |role|
79. `CF_HOME=#{CF_HOME_DIR} cf auth #{role} #{password(role, admin_secret)}`
80. response = `CF_HOME=#{CF_HOME_DIR} #{command} -v`
81. response_code = RESPONSE_CODE_REGEX.match(response)[1]
82. [role, response_code]
83. end
84. pp results
85. end
86.  
87. def password(user, admin_secret)
88. (user == :admin) ? admin_secret : SUPER_SECURE_PASSWORD
89. end
90.  
91. main()
92.  
93. # Copyright 2018 Greg Cobb
94.  
95. # Permission is hereby granted, free of charge, to any person obtaining a copy
96. # of this software and associated documentation files (the "Software"), to deal
97. # in the Software without restriction, including without limitation the rights
98. # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
99. # copies of the Software, and to permit persons to whom the Software is
100. # furnished to do so, subject to the following conditions:
101.  
102. # The above copyright notice and this permission notice shall be included in
103. # all copies or substantial portions of the Software.
104.  
105. # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
106. # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
107. # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
108. # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
109. # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
110. # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
111. # DEALINGS IN THE SOFTWARE.