Class: Puppet::Util::ADSI::User

Inherits:

Object

• Object
• Puppet::Util::ADSI::User

Extended by:

Enumerable

Defined in:

lib/puppet/util/adsi.rb

Instance Attribute Summary

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #native_user ⇒ Object

  Returns the value of attribute native_user.

Class Method Summary

• .create(name) ⇒ Object
• .delete(name) ⇒ Object
• .each(&block) ⇒ Object
• .exists?(name) ⇒ Boolean
• .logon(name, password) ⇒ Object
• .uri(name) ⇒ Object

Instance Method Summary

• #[](attribute) ⇒ Object
• #[]=(attribute, value) ⇒ Object
• #add_flag(flag_name, value) ⇒ Object
• #add_to_groups(*group_names) ⇒ Object (also: #add_to_group)
• #commit ⇒ Object
• #groups ⇒ Object
• #initialize(name, native_user = nil) ⇒ User constructor

  A new instance of User.

• #password=(password) ⇒ Object
• #password_is?(password) ⇒ Boolean
• #remove_from_groups(*group_names) ⇒ Object (also: #remove_from_group)
• #set_groups(desired_groups, minimum = true) ⇒ Object
• #uri ⇒ Object

Constructor Details

#initialize(name, native_user = nil) ⇒ User

Returns a new instance of User.

# File 'lib/puppet/util/adsi.rb', line 70

def initialize(name, native_user = nil)
  @name = name
  @native_user = native_user
end

Instance Attribute Details

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/puppet/util/adsi.rb', line 69

def name
  @name
end

#native_user ⇒ Object

Returns the value of attribute native_user.

# File 'lib/puppet/util/adsi.rb', line 68

def native_user
  @native_user
end

Class Method Details

.create(name) ⇒ Object

Raises:

• (Puppet::Error)

# File 'lib/puppet/util/adsi.rb', line 177

def self.create(name)
  # Windows error 1379: The specified local group already exists.
  raise Puppet::Error.new( "Cannot create user if group '#{name}' exists." ) if Puppet::Util::ADSI::Group.exists? name
  new(name, Puppet::Util::ADSI.create(name, 'user'))
end

.delete(name) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 187

def self.delete(name)
  Puppet::Util::ADSI.delete(name, 'user')
end

.each(&block) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 191

def self.each(&block)
  wql = Puppet::Util::ADSI.execquery("select * from win32_useraccount")

  users = []
  wql.each do |u|
    users << new(u.name, u)
  end

  users.each(&block)
end

.exists?(name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/puppet/util/adsi.rb', line 183

def self.exists?(name)
  Puppet::Util::ADSI::connectable?(User.uri(name))
end

.logon(name, password) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 87

def self.logon(name, password)
  fLOGON32_LOGON_NETWORK = 3
  fLOGON32_PROVIDER_DEFAULT = 0

  logon_user = Win32API.new("advapi32", "LogonUser", ['P', 'P', 'P', 'L', 'L', 'P'], 'L')
  close_handle = Win32API.new("kernel32", "CloseHandle", ['P'], 'V')

  token = ' ' * 4
  if logon_user.call(name, "", password, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, token) != 0
    close_handle.call(token.unpack('L')[0])
    true
  else
    false
  end
end

.uri(name) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 79

def self.uri(name)
  Puppet::Util::ADSI.uri(name, 'user')
end

Instance Method Details

#[](attribute) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 103

def [](attribute)
  native_user.Get(attribute)
end

#[]=(attribute, value) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 107

def []=(attribute, value)
  native_user.Put(attribute, value)
end

#add_flag(flag_name, value) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 124

def add_flag(flag_name, value)
  flag = native_user.Get(flag_name) rescue 0

  native_user.Put(flag_name, flag | value)

  commit
end

#add_to_groups(*group_names) ⇒ Object Also known as: add_to_group

# File 'lib/puppet/util/adsi.rb', line 146

def add_to_groups(*group_names)
  group_names.each do |group_name|
    Puppet::Util::ADSI::Group.new(group_name).add_member(@name)
  end
end

#commit ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 111

def commit
  begin
    native_user.SetInfo unless native_user.nil?
  rescue Exception => e
    raise Puppet::Error.new( "User update failed: #{e}" )
  end
  self
end

#groups ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 139

def groups
  # WIN32OLE objects aren't enumerable, so no map
  groups = []
  native_user.Groups.each {|g| groups << g.Name} rescue nil
  groups
end

#password=(password) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 132

def password=(password)
  native_user.SetPassword(password)
  commit
  fADS_UF_DONT_EXPIRE_PASSWD = 0x10000
  add_flag("UserFlags", fADS_UF_DONT_EXPIRE_PASSWD)
end

#password_is?(password) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/puppet/util/adsi.rb', line 120

def password_is?(password)
  self.class.logon(name, password)
end

#remove_from_groups(*group_names) ⇒ Object Also known as: remove_from_group

# File 'lib/puppet/util/adsi.rb', line 153

def remove_from_groups(*group_names)
  group_names.each do |group_name|
    Puppet::Util::ADSI::Group.new(group_name).remove_member(@name)
  end
end

#set_groups(desired_groups, minimum = true) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 160

def set_groups(desired_groups, minimum = true)
  return if desired_groups.nil? or desired_groups.empty?

  desired_groups = desired_groups.split(',').map(&:strip)

  current_groups = self.groups

  # First we add the user to all the groups it should be in but isn't
  groups_to_add = desired_groups - current_groups
  add_to_groups(*groups_to_add)

  # Then we remove the user from all groups it is in but shouldn't be, if
  # that's been requested
  groups_to_remove = current_groups - desired_groups
  remove_from_groups(*groups_to_remove) unless minimum
end

#uri ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 83

def uri
  self.class.uri(name)
end