Module: OpenDirectoryUtils::CommandsBase

Includes:

CleanCheck

Included in:

CommandsGroups, CommandsUserAttribs, CommandsUserCreateRemove, Connection

Defined in:

lib/open_directory_utils/commands_base.rb

Overview

developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man1/dscl.1.html superuser.com/questions/592921/mac-osx-users-vs-dscl-command-to-list-user/621055?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa

Instance Method Summary

• #build_dscl_command(attribs, dir_info) ⇒ Object

  TODO: switch to template pattern.

• #build_dseditgroup_command(params, dir_info) ⇒ Object

  www.manpagez.com/man/8/dseditgroup/ make a new group: dseditgroup -o create -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd \ -r “Real Group Name” -c “a comment” -k “keyword” groupname delete a new group: dseditgroup -o delete -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd groupname add a user to a group dseditgroup -o edit -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd -a username -t user groupname remove a user from a group dseditgroup -o edit -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd -d username -t user groupname.

• #build_pwpolicy_command(attribs, dir_info) ⇒ Object

  /usr/bin/pwpolicy -a diradmin -p “BigSecret” -u username -setpolicy “isDisabled=0”.

• #dscl(attribs, dir_info) ⇒ Object

  builds the dscl command (after checking parameters).

• #dseditgroup(attribs, dir_info) ⇒ Object
• #pwpolicy(params, dir_info) ⇒ Object

  builds the pwpolicy commands (after checking parameters).

Methods included from CleanCheck

#assert, #check_critical_attribute, #group_record_name_alternatives, #tidy_attribs, #user_record_name_alternatives

Instance Method Details

#build_dscl_command(attribs, dir_info) ⇒ Object

TODO: switch to template pattern

# File 'lib/open_directory_utils/commands_base.rb', line 64

def build_dscl_command(attribs, dir_info)
  # allow :recordname to be passed-in if using dscl directly
  attribs[:record_name] = attribs[:record_name] || attribs[:recordname]
  # /usr/bin/dscl -u diradmin -P "BigSecret" /LDAPv3/127.0.0.1 -append /Users/$UID_USERNAME apple-keyword "$VALUE"
  # "/usr/bin/dscl -plist -u #{od_username} -P #{od_password} #{od_dsclpath} -#{command} #{resource} #{params}"
  ans  = %Q[#{dir_info[:dscl]}]
  unless attribs[:format].nil?
    ans += ' -plist'                           if attribs[:format].eql? 'plist' or
                                                  attribs[:format].eql? 'xml'
  end
  ans += %Q[ -u #{dir_info[:username]}]    unless dir_info[:username].nil? or
                                                  dir_info[:username].empty? or
                                                  attribs[:action].eql? 'auth'
  ans += %Q[ -P "#{dir_info[:password]}"]  unless dir_info[:password].nil? or
                                                  dir_info[:password].empty? or
                                                  attribs[:action].eql? 'auth'
  ans += " #{dir_info[:data_path]}"

  ans += %Q[ -#{attribs[:action]}]
  ans += %Q[ #{attribs[:record_name]}]         if attribs[:action].eql? 'auth'
  ans += %Q[ /#{attribs[:scope]}/#{attribs[:record_name]}] unless
                                                  attribs[:action].eql? 'auth'
  ans += %Q[ #{attribs[:attribute]}]       unless attribs[:attribute].nil? or
                                                  attribs[:attribute].empty?
  ans += %Q[ "#{attribs[:value]}"]         unless attribs[:value].nil? or
                                                  attribs[:value].empty?
  attribs[:value] = nil
  return ans
end

#build_dseditgroup_command(params, dir_info) ⇒ Object

www.manpagez.com/man/8/dseditgroup/ make a new group: dseditgroup -o create -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd \

-r "Real Group Name" -c "a comment" -k "keyword" groupname

delete a new group: dseditgroup -o delete -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd groupname add a user to a group dseditgroup -o edit -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd -a username -t user groupname remove a user from a group dseditgroup -o edit -n /LDAPv3/ldap.company.com -u dir_admin_user -P dir_admin_passwd -d username -t user groupname

# File 'lib/open_directory_utils/commands_base.rb', line 104

def build_dseditgroup_command( params, dir_info )
  ans  = %Q[#{dir_info[:dsedit]}]
  ans += %Q[ -o #{params[:operation]}]
  ans += %Q[ -u #{dir_info[:username]}]    unless dir_info[:username].nil? or
                                                  dir_info[:username].empty?
  ans += %Q[ -P "#{dir_info[:password]}"]  unless dir_info[:password].nil? or
                                                  dir_info[:password].empty?
  ans += %Q[ -n #{dir_info[:data_path]}]
  if params[:operation].eql?('create')
    ans += %Q[ -r "#{params[:value]}"]         if params[:real_name].to_s.eql?('')
    ans += %Q[ -r "#{params[:real_name]}"] unless params[:real_name].to_s.eql?('')
    ans += %Q[ -k #{params[:keyword]}]     unless params[:keyword].to_s.eql?('')
  end
  ans += %Q[ -m #{params[:record_name]}]       if params[:operation].to_s.eql?('checkmember')
  if params[:operation].eql?('edit')
    ans += %Q[ -a #{params[:record_name]}]     if params[:action].to_s.eql?('add')
    ans += %Q[ -d #{params[:record_name]}]     if params[:action].to_s.eql?('delete')
    ans += %Q[ -t #{params[:type]}]            # type can be user or group
  end
  ans += %Q[ #{params[:value]}]   # the group to be manipulated
  params[:value] = nil
  return ans
end

#build_pwpolicy_command(attribs, dir_info) ⇒ Object

/usr/bin/pwpolicy -a diradmin -p “BigSecret” -u username -setpolicy “isDisabled=0”

# File 'lib/open_directory_utils/commands_base.rb', line 48

def build_pwpolicy_command(attribs, dir_info)
  ans  = %Q[#{dir_info[:pwpol]}]
  ans += %Q[ -a #{dir_info[:username]}]    unless dir_info[:username].nil? or
                                                  dir_info[:username].empty?
  ans += %Q[ -p "#{dir_info[:password]}"]  unless dir_info[:password].nil? or
                                                  dir_info[:password].empty?
  ans += %Q[ -n #{dir_info[:data_path]}]
  ans += %Q[ -u #{attribs[:record_name]}]
  ans += %Q[ -#{attribs[:attribute]}]
  ans += %Q[ "#{attribs[:value]}"]         unless attribs[:value].nil? or
                                                  attribs[:value].empty?
  attribs[:value] = nil
  return ans
end

#dscl(attribs, dir_info) ⇒ Object

builds the dscl command (after checking parameters)

# File 'lib/open_directory_utils/commands_base.rb', line 24

def dscl(attribs, dir_info)
  check_critical_attribute( attribs, :record_name )
  check_critical_attribute( attribs, :action )
  check_critical_attribute( attribs, :scope )
  tidy_attribs = tidy_attribs(attribs)
  build_dscl_command( tidy_attribs, dir_info )
end

#dseditgroup(attribs, dir_info) ⇒ Object

# File 'lib/open_directory_utils/commands_base.rb', line 32

def dseditgroup(attribs, dir_info)
  check_critical_attribute( attribs, :value )
  check_critical_attribute( attribs, :operation )
  if attribs[:operation].eql?('checkmember')
    check_critical_attribute( attribs, :record_name )
  end
  if attribs[:operation].eql?('edit')
    check_critical_attribute( attribs, :record_name )
    check_critical_attribute( attribs, :action )
    check_critical_attribute( attribs, :type )
  end
  tidy_attribs = tidy_attribs(attribs)
  build_dseditgroup_command( tidy_attribs, dir_info )
end

#pwpolicy(params, dir_info) ⇒ Object

builds the pwpolicy commands (after checking parameters)

# File 'lib/open_directory_utils/commands_base.rb', line 14

def pwpolicy(params, dir_info)
  check_critical_attribute( params, :record_name )
  cmd_params = tidy_attribs(params)

  build_pwpolicy_command( cmd_params, dir_info )
end