Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env ruby
- require 'pp'
- SCOPE_USERS = {
- admin: 'admin',
- read_only_admin: 'read_only_admin',
- global_auditor: 'global_auditor',
- }
- SPACE_ROLE_USERS = {
- space_developer: 'SpaceDeveloper',
- space_manager: 'SpaceManager',
- space_auditor: 'SpaceAuditor',
- }
- ORG_ROLE_USERS = {
- org_manager: 'OrgManager',
- org_auditor: 'OrgAuditor',
- org_billing_manager: 'BillingManager',
- }
- SUPER_SECURE_PASSWORD='password'
- SPACE_NAME='space'
- ORG_NAME='org'
- AFFIRMATIONS = ['yes', 'yes, please', 'yes please', '1', 'true']
- def main
- api=ARGV[0]
- admin_secret=ARGV[1]
- command=ARGV[2]
- unless api && admin_secret && command
- puts 'Usage: SEED_USERS="yes, please" ./user_array <api> <admin secret> "<command>"'
- exit(1)
- end
- setup_users(admin_secret) if AFFIRMATIONS.include? ENV['SEED_USERS']
- do_the_thing(api, command, admin_secret)
- end
- def setup_users(admin_secret)
- puts 'Seeding Users!'
- setup_scope_users(admin_secret)
- setup_role_users
- end
- def setup_scope_users(admin_secret)
- SCOPE_USERS.each do |name, scope|
- `uaac token client get admin -s #{admin_secret}`
- `uaac user add #{name} -p #{SUPER_SECURE_PASSWORD}`
- `uaac group add cloud_controller.#{scope}`
- `uaac member add cloud_controller.#{scope} #{name}`
- `cf create-user #{name} #{SUPER_SECURE_PASSWORD}`
- end
- end
- def setup_role_users
- SPACE_ROLE_USERS.each do |name, role|
- `cf create-user #{name} #{SUPER_SECURE_PASSWORD}`
- `cf set-space-role #{name} #{ORG_NAME} #{SPACE_NAME} #{role}`
- end
- ORG_ROLE_USERS.each do |name, role|
- `cf create-user #{name} #{SUPER_SECURE_PASSWORD}`
- `cf set-org-role #{name} #{ORG_NAME} #{role}`
- end
- end
- RESPONSE_CODE_REGEX = /1\.1 (\d+) \w+/
- CF_HOME_DIR = '/tmp/user_array'
- def do_the_thing(api, command, admin_secret)
- `mkdir -p #{CF_HOME_DIR}`
- `CF_HOME=#{CF_HOME_DIR} cf api #{api} --skip-ssl-validation`
- all_users = SCOPE_USERS.keys + SPACE_ROLE_USERS.keys + ORG_ROLE_USERS.keys
- results = all_users.collect do |role|
- `CF_HOME=#{CF_HOME_DIR} cf auth #{role} #{password(role, admin_secret)}`
- response = `CF_HOME=#{CF_HOME_DIR} #{command} -v`
- response_code = RESPONSE_CODE_REGEX.match(response)[1]
- [role, response_code]
- end
- pp results
- end
- def password(user, admin_secret)
- (user == :admin) ? admin_secret : SUPER_SECURE_PASSWORD
- end
- main()
- # Copyright 2018 Greg Cobb
- # Permission is hereby granted, free of charge, to any person obtaining a copy
- # of this software and associated documentation files (the "Software"), to deal
- # in the Software without restriction, including without limitation the rights
- # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- # copies of the Software, and to permit persons to whom the Software is
- # furnished to do so, subject to the following conditions:
- # The above copyright notice and this permission notice shall be included in
- # all copies or substantial portions of the Software.
- # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- # DEALINGS IN THE SOFTWARE.
Add Comment
Please, Sign In to add comment