Class: Soteria::User

Inherits:
Object
  • Object
show all
Defined in:
lib/soteria/user.rb

Instance Method Summary collapse

Instance Method Details

#add_credential(client, user_id, credential_id, credential_type, options) ⇒ Hash

Add a credential to an existing user in the Symantec VIP database.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    Id of the user to add a credential to.

  • credential_id (String)

    Unique identifier of the credential.

  • credential_type (String)

    must be one of the keys to the credential types from the Utilities class.

  • options (Hash)

    A hash that can contain the following. :name adds a friendly name to the credential added to vip, :otp sends a otp from the credential with the request to verify that the user actually has possession of the credential

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

See Also:



90
91
92
93
 
# File 'lib/soteria/user.rb', line 90

def add_credential(client, user_id, credential_id, credential_type, options)
  response = client.call(:add_credential, message: get_add_credential_message(user_id, credential_id, credential_type, options))
  get_return_hash(response.body[:add_credential_response])
end

#clear_temp_pass(client, user_id) ⇒ Hash

Use clearTemporaryPassword to add users to VIP User Services.to remove a temporary security code from a user. If the user attempts to use a temporary security that has been cleared, VIP User Services returns an error stating the security code is not set. If the user validates a security code using a valid credential, any temporary security code that is set for that user is automatically cleared.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    The unique ID for the user.

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



368
369
370
371
372
373
374
375
376
 
# File 'lib/soteria/user.rb', line 368

def clear_temp_pass(client, user_id)
  message = {
      'vip:requestId': Utilities.get_request_id('clear_temp_pass'),
      'vip:userId': user_id
  }

  response = client.call(:clear_temporary_password, message: message)
  get_return_hash(response.body[:clear_temporary_password_response])
end

#clear_user_pin(client, user_id) ⇒ Hash

Use clearUserPin to remove an assigned PIN from a user.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    The unique ID for the user.

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



249
250
251
252
253
254
255
256
 
# File 'lib/soteria/user.rb', line 249

def clear_user_pin(client, user_id)
  response = client.call(:clear_user_pin, message: {
      'vip:requestId': Utilities.get_request_id('clear_pin'),
      'vip:userId': user_id
  })

  get_return_hash(response.body[:clear_user_pin_response])
end

#create(client, user_id, pin) ⇒ Hash

Add a new user to the list of users in Symantec VIP database.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    Id of the user to create.

  • pin (String)

    an optional value that is a pin for the user. The PIN may be 4 to 128 international characters in length, depending on restrictions of the PIN policy.

Returns:

  • (Hash)

    A hash that contains: :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/soteria/user.rb', line 12

def create(client, user_id, pin)
  message = {
      'vip:requestId': Utilities.get_request_id('create_user'),
      'vip:userId': user_id
  }

  unless pin.nil?
    message['vip:pin'] = pin
  end

  response = client.call(:create_user, message: message)

  get_return_hash(response.body[:create_user_response])
end

#delete(client, user_id) ⇒ Hash

Delete a user from the database of Symantec VIP users.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    Id of the user to delete.

Returns:

  • (Hash)

    A hash that contains: :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



33
34
35
36
37
38
39
40
41
 
# File 'lib/soteria/user.rb', line 33

def delete(client, user_id)
  response = client.call(:delete_user,
                         message: {
                             'vip:requestId': Utilities.get_request_id('delete_user'),
                             'vip:userId': user_id
                         })

  get_return_hash(response.body[:delete_user_response])
end

#get_add_credential_message(user_id, credential_id, credential_type, options) ⇒ Hash

Creates the body for a add credential request.

Parameters:

  • user_id (String)

    Id of the user to add a credential to.

  • credential_id (String)
  • credential_type (String)

    must be one of the keys to the credential types from the Utilities class.

  • options (Hash)

    A hash that can contain the following. :name adds a friendly name to the credential added to vip, :otp sends a otp from the credential with the request to verify that the user actually has possession of the credential

Returns:

  • (Hash)

    A hash representing the body of the soap request to add a credential.

See Also:



52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
# File 'lib/soteria/user.rb', line 52

def get_add_credential_message(user_id, credential_id, credential_type, options)
  message = {
      'vip:requestId': Utilities.get_request_id('add_credential'),
      'vip:userId': user_id
  }

  credential_detail = {
      'vip:credentialId': credential_id,
      'vip:credentialType': credential_type
  }

  unless options == nil
    if options.key?(:name)
      credential_detail[:'vip:friendlyName'] = options[:name]
    end

    if options.key?(:otp)
      message[:'vip:otpAuthData'] = {
          'vip:otp': options[:otp]
      }
    end
  end

  message[:'vip:credentialDetail'] = credential_detail

  message
end

#get_return_hash(response_hash) ⇒ Hash

Helper function to create the hash to return. All user calls have the same return values.

Parameters:

  • response_hash (Hash)

Returns:

  • (Hash)

    A hash with the appropriate values. Included are: :success - a boolean if the operation was successful,



397
398
399
400
401
402
403
404
405
 
# File 'lib/soteria/user.rb', line 397

def get_return_hash(response_hash)
  success = response_hash[:status] == '0000'

  {
      success: success,
      message: response_hash[:status_message],
      id: response_hash[:request_id]
  }
end

#get_temp_pass_attr(client, user_id) ⇒ Hash

Use getTemporaryPasswordAttributes to poll VIP User Services every three to five seconds to check the status of a push notification. The push notification is validated against the notification’s unique transaction ID.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP query WSDL.

  • user_id (String)

    The unique ID for the user.

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
 
# File 'lib/soteria/user.rb', line 295

def get_temp_pass_attr(client, user_id)
  response = client.call(:get_temporary_password_attributes, message: {
      'vip:requestId': Utilities.get_request_id('get_temp_pass_attr'),
      'vip:userId': user_id
  })
  response_hash = response.body[:get_temporary_password_attributes_response]

  ret = get_return_hash(response_hash)

  unless response_hash[:temp_pwd_attributes] == nil
    ret[:oneTime] = response_hash[:temp_pwd_attributes][:one_time_use_only]
    ret[:expiration] = response_hash[:temp_pwd_attributes][:expiration_time]
  end

  ret
end

#get_user_info(client, user_id, include_push) ⇒ Hash

Get all the credentials that have been last bound to a user or the last authentication, as well as the friendly name for the user’s credential.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP query WSDL.

  • user_id (String)

    Id of the user to get information about.

  • include_push (Boolean)

    If the users push details should be returned.

Returns:

  • (Hash)

    A hash that contains; :credentials a array of credentials available, :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
 
# File 'lib/soteria/user.rb', line 147

def (client, user_id, include_push)
  response = client.call(:get_user_info, message: {
      'vip:requestId': Utilities.get_request_id('get_user_info'),
      'vip:userId': user_id,
      'vip:includePushAttributes': include_push
  })

  response_hash = response.body[:get_user_info_response]

  credentials = []

  if response_hash[:num_bindings] == nil || response_hash[:num_bindings] ==  '0'
    credentials = nil

  else
    response_hash[:credential_binding_detail].each do |credential|

      bind_detail = credential[:binding_detail]

      if credential[:credential_type] == 'STANDARD_OTP'
        push_attrs = credential[:push_attributes]
        credentials.push({
                             type: 'STANDARD_OTP',
                             enabled: response_hash[:credential_status] == 'ENABLED' && bind_detail[:bind_status] == 'ENABLED',
                             friendly_name: bind_detail[:friendly_name],
                             push: push_check(push_attrs),
                             credential_id: credential[:credential_id]
                         })

      elsif credential[:credential_type] == 'SMS_OTP'
        credentials.push({
                             type: 'SMS_OTP',
                             enabled: response_hash[:credential_status] == 'ENABLED' && bind_detail[:bind_status] == 'ENABLED',
                             friendly_name: bind_detail[:friendly_name],
                             push: false,
                             credential_id: credential[:credential_id]
                         })
      elsif credential[:credential_type] == 'VOICE_OTP'
        credentials.push({
                             type: 'VOICE_OTP',
                             enabled: response_hash[:credential_status] == 'ENABLED' && bind_detail[:bind_status] == 'ENABLED',
                             friendly_name: bind_detail[:friendly_name],
                             push: false,
                             credential_id: credential[:credential_id]
                         })
      end

    end

  end

  ret = get_return_hash(response_hash)
  ret[:credentials] = credentials
  ret
end

#push_check(attrs) ⇒ Boolean

Helper function to loop through an array of hashes with key value pairs and return if push is enabled.

Parameters:

  • attrs (Array)

    A array of hash attributes

Returns:

  • (Boolean)

    If push is enabled for the give attributes



383
384
385
386
387
388
389
390
 
# File 'lib/soteria/user.rb', line 383

def push_check(attrs)
  attrs.each do |a|
    if a[:key] == 'PUSH_ENABLED'
      return a[:value]
    end
  end
  false
end

#remove_credential(client, user_id, credential_id, credential_type) ⇒ Hash

Remove a credential from a given user. If the Device deletion policy for Remembered Devices is set to Admin Only, credentials can only be removed through VIP Manager. The removeCredential API will return the error 6010: This account is not authorized to perform the requested operation

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    Id of the user to remove a credential from.

  • credential_id (String)

    Unique identifier of the credential.

  • credential_type (String)

    must be one of the keys to the credential types from the Utilities class.

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

See Also:



106
107
108
109
110
111
112
113
114
115
 
# File 'lib/soteria/user.rb', line 106

def remove_credential(client, user_id, credential_id, credential_type)
  response = client.call(:remove_credential, message: {
      'vip:requestId': Utilities.get_request_id('remove_credential'),
      'vip:userId': user_id,
      'vip:credentialId': credential_id,
      'vip:credentialType': credential_type
  })

  get_return_hash(response.body[:remove_credential_response])
end

#set_temp_pass_attr(client, user_id, options) ⇒ Hash

Use setTemporaryPasswordAttributes to change the expiration date for a temporary security code you previously set.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    The unique ID for the user.

  • options (Object)

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
 
# File 'lib/soteria/user.rb', line 265

def set_temp_pass_attr(client, user_id, options)
  message = {
      'vip:requestId': Utilities.get_request_id('set_temp_pass_attr'),
      'vip:userId': user_id
  }

  unless options == nil
    inner = {}
    if options.key?(:oneTime)
      inner[:'vip:oneTimeUseOnly'] = options[:oneTime]
    end

    if options.key?(:expireTime)
      inner[:'vip:expirationTime'] = options[:expireTime]
    end

    message[:'vip:temporaryPasswordAttributes'] = inner
  end

  response = client.call(:set_temporary_password_attributes, message: message)
  get_return_hash(response.body[:set_temporary_password_attributes_response])
end

#set_temp_password(client, user_id, phone, options) ⇒ Hash

Use setTemporaryPassword to set a temporary security code for a user. You can optionally set an expiration date for the security code, or set it for one-time use only. The request requires the user ID and optionally, the temporary security code string. If you do not provide a security code, VIP User Services generates one for you.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    The unique ID for the user.

  • phone (Int)

    The phone or mobile device number to which the VIP User Service should deliver the security code.

  • options (Hash)

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
 
# File 'lib/soteria/user.rb', line 323

def set_temp_password(client, user_id, phone, options)
  message = {
      'vip:requestId': Utilities.get_request_id('set_temp_pass'),
      'vip:userId': user_id
  }

  phone_options = {'vip:phoneNumber': phone}

  unless options == nil
    if options.key?(:otp)
      message[:'vip:temporaryPassword'] = options[:otp]
    end

    if options.key?(:expireTime)
      message[:'vip:expirationTime'] = options[:expireTime]
    end

    if options.key?(:oneTime)
      message[:'vip:temporaryPasswordAttributes'] = { 'vip:oneTimeUseOnly': options[:oneTime] }
    end

    if options.key?(:from)
      phone_options[:'vip:expirationTime'] = options[:from]
    end
  end

  message[:'vip:smsDeliveryInfo'] = phone_options

  response = client.call(:set_temporary_password, message: message)

  ret = get_return_hash(response.body[:set_temporary_password_response])
  ret[:password] = response.body[:set_temporary_password_response][:temporary_password]

  ret
end

#update_credential(client, user_id, credential_id, credential_type, name) ⇒ Hash

Updates the friendly name of a users credential.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    Id of the user to remove a credential from.

  • credential_id (String)

    Unique identifier of the credential.

  • credential_type (String)

    must be one of the keys to the credential types from the Utilities class.

  • name (Object)

    A user-defined name to identify the credential.

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes

See Also:



127
128
129
130
131
132
133
134
135
136
137
 
# File 'lib/soteria/user.rb', line 127

def update_credential(client, user_id, credential_id, credential_type, name)
  response = client.call(:update_credential, message: {
      'vip:requestId': Utilities.get_request_id('update_credential'),
      'vip:userId': user_id,
      'vip:credentialId': credential_id,
      'vip:credentialType': credential_type,
      'vip:friendlyName': name
  })

  get_return_hash(response.body[:update_credential_response])
end

#update_user(client, user_id, options) ⇒ Hash

Use updateUser to update information about a user in VIP User Services.

Parameters:

  • client (Savon::Client)

    A Savon client object to make the call with. This needs to be created with the VIP management WSDL.

  • user_id (String)

    The unique ID for the user.

  • options (Object)

Returns:

  • (Hash)

    A hash that contains; :success a boolean if the call succeeded, :message a string with any error message, :id the id of the call for debugging purposes



210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
 
# File 'lib/soteria/user.rb', line 210

def update_user(client, user_id, options)
  message = {
      'vip:requestId': Utilities.get_request_id('update_user'),
      'vip:userId': user_id
  }

  unless options == nil
    if options.key?(:newId)
      message[:'vip:newUserId'] = options[:newId]
    end

    if options.key?(:status)
      message[:'vip:newUserStatus'] = options[:status]
    end

    if options.key?(:oldPin)
      message[:'vip:oldPin'] = options[:oldPin]
    end

    if options.key?(:newPin)
      message[:'vip:newPin'] = options[:newPin]
    end

    if options.key?(:pinReset)
      message[:'vip:forcePinReset'] = options[:pinReset]
    end

  end

  response = client.call(:update_user, message: message)
  get_return_hash(response.body[:update_user_response])
end