Class: Pawnee::Actions::User

Inherits:

BaseModel

• Object
• BaseModel
• Pawnee::Actions::User

Defined in:

lib/pawnee/pawnee/actions/user.rb

Overview

The user class handles creating, updating, and deleting users. Users are tied to the login attribute and all other attributes will update based on that login.

Passwords

Instead of putting passwords in code, you should either:

1) not use a password (which is fine for system users) or 2) Set the password value to an encryped password. You can generated an encryped password with the following ruby command:

ruby -e "puts 'password'.crypt('passphrase')"

Instance Attribute Summary

• #base ⇒ Object

  Returns the value of attribute base.

Attributes inherited from BaseModel

#new_record

Instance Method Summary

• #destroy ⇒ Object
• #exec(*args) ⇒ Object
• #initialize(base, attributes) ⇒ User constructor

  A new instance of User.

• #read_from_system ⇒ Object

  Pull in the current (starting) state of the attributes for the User model.

• #run(*args) ⇒ Object
• #save ⇒ Object

  Write any changes out.

Methods inherited from BaseModel

change_attr_accessor, #new_record?, #update_attributes

Constructor Details

#initialize(base, attributes) ⇒ User

Returns a new instance of User.

# File 'lib/pawnee/pawnee/actions/user.rb', line 48

def initialize(base, attributes)
  @base = base
  
  if attributes[:login]
    self.login = attributes[:login]
    # Read the current attributes from the system
    read_from_system()
  end
  
  # Set the attributes, track what changed
  update_attributes(attributes)
end

Instance Attribute Details

#base ⇒ Object

Returns the value of attribute base.

# File 'lib/pawnee/pawnee/actions/user.rb', line 46

def base
  @base
end

Instance Method Details

#destroy ⇒ Object

# File 'lib/pawnee/pawnee/actions/user.rb', line 121

def destroy
  self.new_record = true
  base.as_root do
    base.exec("userdel #{login}")
  end
end

#exec(*args) ⇒ Object

# File 'lib/pawnee/pawnee/actions/user.rb', line 61

def exec(*args)
  return base.exec(*args)
end

#read_from_system ⇒ Object

Pull in the current (starting) state of the attributes for the User model

# File 'lib/pawnee/pawnee/actions/user.rb', line 71

def read_from_system
  @uid, stderr, exit_code, _ = exec("id -u #{login}", true)
  @uid = @uid.strip
  if exit_code == 0
    # The login exists, load in more data
    @gid = exec("id -g #{login}").strip
    @groups = exec("groups #{login}").gsub(/^[^:]+[:]/, '').strip.split(/ /).sort
    self.new_record = false

    # Reject any ones we just changed, so its as if we did a find with these
    @changed_attributes = @changed_attributes.reject {|k,v| [:uid, :gid, :groups, :login].include?(k.to_sym) }
  else
    # No user
    @uid = nil
    self.new_record = true
  end
end

#run(*args) ⇒ Object

# File 'lib/pawnee/pawnee/actions/user.rb', line 65

def run(*args)
  return base.run(*args)
end

#save ⇒ Object

Write any changes out

# File 'lib/pawnee/pawnee/actions/user.rb', line 90

def save
  if changed?
    raise "A login must be specified" unless login
    
    if new_record?
      # Just create a new user
      command = ["useradd"]
      base.say_status :create_user, login
    else
      # Modify an existing user
      command = ["usermod"]
      base.say_status :update_user, login
    end
    
    # Set options
    command << "-u #{uid}" if uid && uid_changed?
    command << "-g #{gid}" if gid && gid_changed?
    command << "-G #{groups.join(',')}" if groups && groups_changed?
    command << "-c #{comment.inspect}" if comment && comment_changed?
    command << "-s #{shell.inspect}" if shell && shell_changed?
    command << "-p #{password.inspect}" if password && password_changed?
    command << login
    
    base.as_root do
      base.exec(command.join(' '))
    end
  else
    base.say_status :user_exists, login, :blue
  end
end