Class: Chef::Knife::UserDelete
Constant Summary
Constants inherited
from Chef::Knife
CHEF_ORGANIZATION_MANAGEMENT, KNIFE_ROOT, OFFICIAL_PLUGINS, OPSCODE_HOSTED_CHEF_ACCESS_CONTROL, VERSION
Instance Attribute Summary collapse
Attributes inherited from Chef::Knife
#name_args, #ui
Instance Method Summary
collapse
Methods inherited from Chef::Knife
#api_key, #apply_computed_config, category, chef_config_dir, common_name, #config_file_defaults, #config_file_settings, config_loader, #config_source, #configure_chef, #create_object, #delete_object, dependency_loaders, deps, #format_rest_error, guess_category, #humanize_exception, #humanize_http_exception, inherited, #initialize, list_commands, load_commands, load_config, load_deps, #maybe_setup_fips, #merge_configs, msg, #noauth_rest, #parse_options, reset_config_loader!, reset_subcommands!, #rest, #root_rest, run, #run_with_pretty_exceptions, #server_url, #show_usage, snake_case_name, subcommand_category, subcommand_class_from, subcommand_files, subcommand_loader, subcommands, subcommands_by_category, #test_mandatory_field, ui, unnamed?, use_separate_defaults?
Constructor Details
This class inherits a constructor from Chef::Knife
Instance Attribute Details
#username ⇒ Object
Returns the value of attribute username.
41
42
43
|
# File 'lib/chef/knife/user_delete.rb', line 41
def username
@username
end
|
Instance Method Details
#admin_group_memberships(orgs, username) ⇒ Object
96
97
98
99
100
101
102
103
104
105
106
107
108
|
# File 'lib/chef/knife/user_delete.rb', line 96
def admin_group_memberships(orgs, username)
admin_of = []
unremovable = []
orgs.each do |org|
if org.user_member_of_group?(username, "admins")
admin_of << org
if org.actor_delete_would_leave_admins_empty?
unremovable << org
end
end
end
[admin_of, unremovable]
end
|
#delete_user(username) ⇒ Object
110
111
112
113
|
# File 'lib/chef/knife/user_delete.rb', line 110
def delete_user(username)
ui.stderr.puts "Deleting user #{username}."
root_rest.delete("users/#{username}")
end
|
#disassociate_user(orgs, username) ⇒ Object
80
81
82
|
# File 'lib/chef/knife/user_delete.rb', line 80
def disassociate_user(orgs, username)
orgs.each { |org| org.dissociate_user(username) }
end
|
#error_exit_admin_group_member!(username, admin_of) ⇒ Object
Error message that says how to removed from org admin groups before deleting Further
118
119
120
121
122
123
124
125
126
127
128
129
|
# File 'lib/chef/knife/user_delete.rb', line 118
def error_exit_admin_group_member!(username, admin_of)
message = "#{username} is in the 'admins' group of the following organization(s):\n\n"
admin_of.each { |org| message << "- #{org.name}\n" }
message << <<~EOM
Run this command again with the --remove-from-admin-groups option to
remove the user from these admin group(s) automatically.
EOM
ui.fatal message
exit 1
end
|
#error_exit_cant_remove_admin_membership!(username, only_admin_of) ⇒ Object
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
# File 'lib/chef/knife/user_delete.rb', line 131
def error_exit_cant_remove_admin_membership!(username, only_admin_of)
message = <<~EOM
#{username} is the only member of the 'admins' group of the
following organization(s):
EOM
only_admin_of.each { |org| message << "- #{org.name}\n" }
message << <<~EOM
Removing the only administrator of an organization can break it.
Assign additional users or groups to the admin group(s) before
deleting this user.
EOM
ui.fatal message
exit 1
end
|
#org_memberships(username) ⇒ Object
84
85
86
87
|
# File 'lib/chef/knife/user_delete.rb', line 84
def org_memberships(username)
org_data = root_rest.get("users/#{username}/organizations")
org_data.map { |org| Chef::Org.new(org["organization"]["name"]) }
end
|
#remove_from_admin_groups(admin_of, username) ⇒ Object
89
90
91
92
93
94
|
# File 'lib/chef/knife/user_delete.rb', line 89
def remove_from_admin_groups(admin_of, username)
admin_of.each do |org|
ui.stderr.puts "Removing #{username} from admins group of '#{org.name}'"
org.remove_user_from_group("admins", username)
end
end
|
#run ⇒ Object
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
# File 'lib/chef/knife/user_delete.rb', line 43
def run
@username = @name_args[0]
admin_memberships = []
unremovable_memberships = []
if @username.nil?
show_usage
ui.fatal("You must specify a user name")
exit 1
end
ui.confirm "Do you want to delete the user #{username}"
unless config[:no_disassociate_user]
ui.stderr.puts("Checking organization memberships...")
orgs = org_memberships(username)
if orgs.length > 0
ui.stderr.puts("Checking admin group memberships for #{orgs.length} org(s).")
admin_memberships, unremovable_memberships = admin_group_memberships(orgs, username)
end
unless admin_memberships.empty?
unless config[:remove_from_admin_groups]
error_exit_admin_group_member!(username, admin_memberships)
end
unless unremovable_memberships.empty?
error_exit_cant_remove_admin_membership!(username, unremovable_memberships)
end
remove_from_admin_groups(admin_memberships, username)
end
disassociate_user(orgs, username)
end
delete_user(username)
end
|