Class: Pawnee::Actions::User
- Defined in:
- lib/pawnee/pawnee/actions/user.rb
Overview
The user class handles creating, updating, and deleting users. Users are tied to the login attribute and all other attributes will update based on that login.
Passwords
Instead of putting passwords in code, you should either:
1) not use a password (which is fine for system users) or 2) Set the password value to an encryped password. You can generated an encryped password with the following ruby command:
ruby -e "puts 'password'.crypt('passphrase')"
Instance Attribute Summary collapse
-
#base ⇒ Object
Returns the value of attribute base.
Attributes inherited from BaseModel
Instance Method Summary collapse
- #destroy ⇒ Object
- #exec(*args) ⇒ Object
-
#initialize(base, attributes) ⇒ User
constructor
A new instance of User.
-
#read_from_system ⇒ Object
Pull in the current (starting) state of the attributes for the User model.
- #run(*args) ⇒ Object
-
#save ⇒ Object
Write any changes out.
Methods inherited from BaseModel
change_attr_accessor, #new_record?, #update_attributes
Constructor Details
#initialize(base, attributes) ⇒ User
Returns a new instance of User.
48 49 50 51 52 53 54 55 56 57 58 59 |
# File 'lib/pawnee/pawnee/actions/user.rb', line 48 def initialize(base, attributes) @base = base if attributes[:login] self.login = attributes[:login] # Read the current attributes from the system read_from_system() end # Set the attributes, track what changed update_attributes(attributes) end |
Instance Attribute Details
#base ⇒ Object
Returns the value of attribute base.
46 47 48 |
# File 'lib/pawnee/pawnee/actions/user.rb', line 46 def base @base end |
Instance Method Details
#destroy ⇒ Object
121 122 123 124 125 126 |
# File 'lib/pawnee/pawnee/actions/user.rb', line 121 def destroy self.new_record = true base.as_root do base.exec("userdel #{login}") end end |
#exec(*args) ⇒ Object
61 62 63 |
# File 'lib/pawnee/pawnee/actions/user.rb', line 61 def exec(*args) return base.exec(*args) end |
#read_from_system ⇒ Object
Pull in the current (starting) state of the attributes for the User model
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 |
# File 'lib/pawnee/pawnee/actions/user.rb', line 71 def read_from_system @uid, stderr, exit_code, _ = exec("id -u #{login}", true) @uid = @uid.strip if exit_code == 0 # The login exists, load in more data @gid = exec("id -g #{login}").strip @groups = exec("groups #{login}").gsub(/^[^:]+[:]/, '').strip.split(/ /).sort self.new_record = false # Reject any ones we just changed, so its as if we did a find with these @changed_attributes = @changed_attributes.reject {|k,v| [:uid, :gid, :groups, :login].include?(k.to_sym) } else # No user @uid = nil self.new_record = true end end |
#run(*args) ⇒ Object
65 66 67 |
# File 'lib/pawnee/pawnee/actions/user.rb', line 65 def run(*args) return base.run(*args) end |
#save ⇒ Object
Write any changes out
90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 |
# File 'lib/pawnee/pawnee/actions/user.rb', line 90 def save if changed? raise "A login must be specified" unless login if new_record? # Just create a new user command = ["useradd"] base.say_status :create_user, login else # Modify an existing user command = ["usermod"] base.say_status :update_user, login end # Set options command << "-u #{uid}" if uid && uid_changed? command << "-g #{gid}" if gid && gid_changed? command << "-G #{groups.join(',')}" if groups && groups_changed? command << "-c #{comment.inspect}" if comment && comment_changed? command << "-s #{shell.inspect}" if shell && shell_changed? command << "-p #{password.inspect}" if password && password_changed? command << login base.as_root do base.exec(command.join(' ')) end else base.say_status :user_exists, login, :blue end end |