Class: Opc::OpcUserPassword
- Inherits:
-
Chef::Knife
- Object
- Chef::Knife
- Opc::OpcUserPassword
- Includes:
- Chef::Mixin::RootRestv0
- Defined in:
- lib/chef/knife/opc_user_password.rb
Instance Method Summary collapse
Methods included from Chef::Mixin::RootRestv0
Instance Method Details
#run ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
# File 'lib/chef/knife/opc_user_password.rb', line 32 def run # check that correct number of args was passed, should be either # USERNAME PASSWORD or USERNAME --enable-external-auth # # note that you can't pass USERNAME PASSWORD --enable-external-auth unless (@name_args.length == 2 && !config[:enable_external_auth]) || (@name_args.length == 1 && config[:enable_external_auth]) show_usage ui.fatal("You must pass two arguments") ui.fatal("Note that --enable-external-auth cannot be passed with a password") exit 1 end user_name = @name_args[0] # note that this will be nil if config[:enable_external_auth] is true password = @name_args[1] # since the API does not pass back whether recovery_authentication_enabled is # true or false, there is no way of knowing if the user is using ldap or not, # so we will update the user every time, instead of checking if we are actually # changing anything before we PUT. user = root_rest.get("users/#{user_name}") user["password"] = password unless password.nil? # if --enable-external-auth was passed, enable it, else disable it. # there is never a situation where we would want to enable ldap # AND change the password. changing the password means that the user # wants to disable ldap and put user in recover (if they are using ldap). user["recovery_authentication_enabled"] = !config[:enable_external_auth] begin root_rest.put("users/#{user_name}", user) rescue => e raise e end ui.msg("Authentication info updated for #{user_name}.") end |