Module: PeRbac::Action

Defined in:

lib/pe_rbac/action.rb

Class Method Summary

• .login(login, password, lifetime = false) ⇒ Object
• .reset_password(login, password) ⇒ Object
• .show_permissions ⇒ Object
• .token(login, password, lifetime = false) ⇒ Object

  Token.

Class Method Details

.login(login, password, lifetime = false) ⇒ Object

# File 'lib/pe_rbac/action.rb', line 42

def self.login(login, password, lifetime=false)
  dirname = Dir.home + '/.puppetlabs'
  tokenfile = dirname + '/token'
  if ! Dir.exist?(dirname)
    Dir.mkdir(dirname, 0700)
  end
  File.write(tokenfile, token(login, password, lifetime))
  File.chmod(0600, tokenfile)
end

.reset_password(login, password) ⇒ Object

# File 'lib/pe_rbac/action.rb', line 52

def self.reset_password(login, password)
  # lookup user id
  user_id = User::get_user_id(login)
  status = false
  if user_id
    # get password reset token
    reset_token = PeRbac::Core::request(:post, "/users/#{user_id}/password/reset").body

    # reset password
    PeRbac::Core::request(:post, '/auth/reset', {
      'token'     => reset_token,
      'password'  => password,
    })
    status = true
  end
  status
end

.show_permissions ⇒ Object

# File 'lib/pe_rbac/action.rb', line 70

def self.show_permissions
  resp = PeRbac::Permission::get_permissions
  puts JSON.pretty_generate(resp)
end

.token(login, password, lifetime = false) ⇒ Object

Token

# File 'lib/pe_rbac/action.rb', line 28

def self.token(login, password, lifetime=false)
  payload = {
    "login"     => login,
    "password"  => password,
  }

  # see https://docs.puppet.com/pe/latest/rbac_token_auth.html#setting-a-token-specific-lifetime
  if lifetime
    payload["lifetime"] = lifetime
  end
  resp = PeRbac::Core::request(:post, '/auth/token', payload)
  resp ? JSON.parse(resp.body)['token'] : false
end