Blame - _states/jenkins_user.py - salt-formulas/jenkins

blob: 0441b42a9e5b4b8abe7795b3f59729511b0c7a58 [file] [log] [blame]

Jakub Josef	3de91af	2016-12-08 17:03:33 +0100	[diff] [blame]	1	import logging
				2	logger = logging.getLogger(__name__)
				3
				4	create_admin_groovy = u"""\
				5	import jenkins.model.*
				6	import hudson.security.*
				7	def instance = Jenkins.getInstance()
				8	def hudsonRealm = new HudsonPrivateSecurityRealm(false)
				9	def result=hudsonRealm.createAccount("{username}","{password}")
				10	instance.setSecurityRealm(hudsonRealm)
				11	def strategy = new hudson.security.FullControlOnceLoggedInAuthorizationStrategy()
				12	strategy.setAllowAnonymousRead(false)
				13	instance.setAuthorizationStrategy(strategy)
				14	instance.save()
				15	print(result)
Jakub Josef	7ae6b24	2016-12-14 14:41:44 +0100	[diff] [blame]	16	""" # noqa
Jakub Josef	3de91af	2016-12-08 17:03:33 +0100	[diff] [blame]	17
				18
				19	create_user_groovy = u"""\
				20	def result=jenkins.model.Jenkins.instance.securityRealm.createAccount("{username}", "{password}")
				21	print(result)
				22	""" # noqa
				23
Jakub Josef	e380798	2016-12-15 11:54:51 +0100	[diff] [blame^]	24
Jakub Josef	3de91af	2016-12-08 17:03:33 +0100	[diff] [blame]	25	def present(name, username, password, admin=False):
				26	"""
				27	Main jenkins users state method
				28
				29	:param username: user name
				30	:param password: user password
				31	:param admin: is admin user flag (username will be always admin)
				32	:returns: salt-specified state dict
				33	"""
				34	test = __opts__['test'] # noqa
				35	ret = {
				36	'name': username,
				37	'changes': {},
				38	'result': False,
				39	'comment': '',
				40	}
				41
				42	result = False
				43	if test:
				44	status = 'CREATED'
				45	ret['changes'][username] = status
				46	ret['comment'] = 'User %s %s' % (username, status.lower())
				47	else:
Jakub Josef	7ae6b24	2016-12-14 14:41:44 +0100	[diff] [blame]	48	# try to call jenkins script api with given user and password to prove
				49	# his existence
				50	user_exists_result = __salt__['jenkins_common.call_groovy_script'](
Jakub Josef	e380798	2016-12-15 11:54:51 +0100	[diff] [blame^]	51	"print(\"TEST\")", {"username": username}, username, password, [200, 401])
Jakub Josef	7ae6b24	2016-12-14 14:41:44 +0100	[diff] [blame]	52	user_exists = user_exists_result and user_exists_result[
				53	"code"] == 200 and user_exists_result["msg"].count("TEST") == 1
				54	if not user_exists:
				55	call_result = __salt__['jenkins_common.call_groovy_script'](
				56	create_admin_groovy if admin else create_user_groovy, {"username": username, "password": password})
				57	if call_result["code"] == 200 and call_result["msg"].count(username) == 1:
				58	status = "CREATED" if not admin else "ADMIN CREATED"
				59	ret['changes'][username] = status
				60	ret['comment'] = 'User %s %s' % (username, status.lower())
				61	result = True
				62	else:
				63	status = 'FAILED'
				64	logger.error("Jenkins user API call failure: %s",
				65	call_result["msg"])
				66	ret['comment'] = 'Jenkins user API call failure: %s' % (call_result[
				67	"msg"])
				68	else:
				69	status = "EXISTS"
Jakub Josef	3de91af	2016-12-08 17:03:33 +0100	[diff] [blame]	70	ret['comment'] = 'User %s %s' % (username, status.lower())
				71	result = True
Jakub Josef	3de91af	2016-12-08 17:03:33 +0100	[diff] [blame]	72	ret['result'] = None if test else result
				73	return ret