Last active
October 13, 2015 18:28
add new user
#!/usr/bin/env ruby | |
# provisions a user and sets permissions | |
# [email protected] | |
require 'rubygems' | |
require 'right_api_client' | |
require 'highline/import' | |
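# Refuse to run against any right_api_client release other than 1.5.9, the
# only version this script accepts.
# The spec is looked up first because Gem.loaded_specs has no entry for a
# library that was not activated through RubyGems; calling .version on nil
# would raise NoMethodError and hide the message below.
right_api_spec = Gem.loaded_specs['right_api_client']
unless right_api_spec && right_api_spec.version.to_s == "1.5.9"
  raise "right_api_client version 1.5.9 is required for this script"
end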
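# Interactively collects the attributes for a new user.
#
# Asks for the profile fields (blank answers are left out), then for the
# authentication method, and returns everything in one Hash keyed by Symbol.
# Password authentication adds :password. Single Sign-on adds :principal_uid,
# :identity_provider_href and, when more than one provider exists, the
# :idp_name / :idp_hint answers.
#
# Reads from stdin, uses HighLine's `ask` for the password, and reads @client
# (set by client_login) to list identity providers.
#
# @return [Hash] attributes for the new user
def collect_user_attributes
  attrs = {}
  puts "New User information:"
  %w[first_name last_name email company phone].each do |field|
    puts "What is the the users #{field}?"
    answer = gets.chomp
    attrs[field.to_sym] = answer unless answer.empty?
  end

  # Re-prompt in a loop instead of recursing: a recursive retry has to hand its
  # result back to the caller, and the collected hash (which can hold a
  # password) must never end up as an argument to puts.
  loop do
    puts "Do you want to enable (P)assword or (S)ingle Sign-on authentication?"
    # Decide on the first character only. A substring test for "s" also
    # matches "password" and would select Single Sign-on by mistake.
    case gets.chomp.strip.downcase[0]
    when 's'
      sso = collect_sso_attributes
      if sso
        attrs.merge!(sso)
        return attrs
      end
    when 'p'
      # Echo is disabled so the new password is not shown on the terminal.
      attrs[:password] = ask("What would you like the users password to be? ") { |q| q.echo = false }
      return attrs
    else
      puts "Unrecognized option, please try again"
    end
  end
end

# Collects the Single Sign-on attributes and resolves the identity provider.
#
# With exactly one provider on the account it is used without asking. With
# several, the operator must name one by SAML IdP name or by discovery hint;
# the name takes precedence when both are given, and the question repeats
# until a provider matches.
#
# @return [Hash, nil] SSO attributes, or nil when the account lists no
#   identity provider and SSO therefore cannot be set up
def collect_sso_attributes
  sso = {}
  puts "What is the users principal_uid (idP NameID)?"
  sso[:principal_uid] = gets.chomp
  idps = @client.identity_providers.index

  if idps.length == 1
    sso[:identity_provider_href] = idps.first.href
    puts "Only 1 Identity Provider was found, defaulting to '#{idps.first.name}'"
    return sso
  end

  if idps.empty?
    # Without a provider there is no href to bind the user to; returning the
    # attributes anyway would create a user with no usable login method.
    puts "No Identity Providers were found, Single Sign-on cannot be enabled"
    return nil
  end

  loop do
    puts "What is account SAML IdP name? (leave blank if unsure)"
    sso[:idp_name] = gets.chomp
    puts "What is the SAML idP 'Discovery Hint'? (leave blank if unsure)"
    sso[:idp_hint] = gets.chomp

    match =
      if !sso[:idp_name].empty?
        idps.find { |idp| idp.name == sso[:idp_name] }
      elsif !sso[:idp_hint].empty?
        idps.find { |idp| idp.discovery_hint == sso[:idp_hint] }
      end

    if match
      # NOTE(review): :idp_name and :idp_hint stay in the hash and are sent
      # with the create call, as before - confirm the API accepts them.
      sso[:identity_provider_href] = match.href
      return sso
    end

    if sso[:idp_name].empty? && sso[:idp_hint].empty?
      puts "You must supply either a Discovery Hint or SAML idP Name when using SSO"
      puts "Please try again or contact Support for assistance in locating these values"
    else
      # Never continue without an href: the user would be created with a
      # principal_uid that is bound to no provider.
      puts "No Identity Provider matched, please try again"
    end
  end
end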
# Prompts for the administrator's RightScale credentials, opens an API client
# with them, and stores that client in @client.
#
# The account id and email are read from stdin; the password is read through
# HighLine's `ask` with echo turned off so it is not displayed while typed.
#
# @return [RightApi::Client] the client that was stored in @client
def client_login
  puts "Admin Login:\n"
  credentials = %w{account_id email}.each_with_object({}) do |field, collected|
    puts "What is your #{field}?"
    collected[field.to_sym] = gets.chomp
  end
  credentials[:password] = ask("What is your password?") { |q| q.echo = false }

  @client = RightApi::Client.new(
    :account_id => credentials[:account_id],
    :email => credentials[:email],
    :password => credentials[:password]
  )
  puts "You've successfully authenticated with RightScale!"
  @client
end
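# Asks, role by role, which roles the new user should receive.
#
# "observer" is always included. For every other role the prompt advertises
# [Y/n]: a blank answer, "y" or "yes" grants it, "n" or "no" withholds it.
# Any other answer repeats the question, so a stray keystroke can no longer
# grant a role such as admin.
#
# NOTE(review): the default on a blank answer is still "grant", as the prompt
# states. Consider whether admin should require an explicit "y".
#
# @return [Array<String>] role titles to apply, starting with "observer"
def collect_user_roles
  roles = ["observer"]
  %w[admin actor designer library security_manager server_login].each do |role|
    loop do
      puts "Do you want to enable the #{role} role on the account? [Y/n]"
      case gets.chomp.strip.downcase
      when "", "y", "yes"
        roles.push(role)
        break
      when "n", "no"
        break
      else
        puts "Unrecognized option, please try again"
      end
    end
  end
  roles
end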
# Grants each role in +roles+ to +user+ by creating one permission per role
# through @client.
#
# The roles are applied one request at a time and nothing here rescues or
# rolls back, so if a create call raises part-way through, the roles granted
# before it remain in place.
#
# @param user [#href] the user resource returned by the create call
# @param roles [Array<String>] role titles to grant
# @return [Array<String>] the +roles+ array that was passed in
def apply_permissions(user, roles)
  puts "Applying roles..."
  roles.each do |role_title|
    permission = { :role_title => role_title, :user_href => user.href }
    @client.permissions.create({ :permission => permission })
  end
end
# Main interactive loop: log in once, then create users until the operator
# stops answering with "a".
#
# The user is created first and the roles are applied afterwards, so a failure
# while applying permissions leaves an account that exists with only some of
# the chosen roles.
loop do
  # Reuse the authenticated client on later passes instead of asking again.
  @client ||= client_login()
  new_user_attrs = collect_user_attributes()
  granted_roles = collect_user_roles()

  puts "Creating new user..."
  created_user = @client.users.create({:user => new_user_attrs})
  apply_permissions(created_user, granted_roles)
  puts "User successfully added"

  puts "(q)uit or (a)dd another user?"
  answer = gets.chomp
  break unless answer =~ /a/
end