Class: Ucert::FisPrimeTracker

Inherits:
Object
  • Object
Includes:
Utils
Defined in:
lib/ucert/fis_prime_tracker.rb

Overview

Class to handle FIS Prime user account IDs

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Utils

#file_2_list, #is_fqdn?, #is_ip?, #is_url?, #list_2_file, #load_known_user_map_from_file, #nslookup, #search_ad, #update_dn

Constructor Details

#initialize(params = {}) ⇒ FisPrimeTracker

Instance default variables



# File 'lib/ucert/fis_prime_tracker.rb', line 20

# Build the tracker: record where the exported FIS Prime reports live, load the
# cached Prime-to-AD user map, parse the reports, resolve each operator to an
# AD DN, write the map back to disk, then load the role entitlements.
#
# Each report is exported from Prime under "ANALYTICS" -> "Security Reports"
# with the "Export this report" icon, choosing "XML" as the output format.
#
# NOTE(review): the readers #prime_operator_right_report and #file_user_map read
# @prime_operator_right_report and @file_user_map, while this constructor assigns
# @prime_operator_rights_report and @file_prime_user_map, so those readers stay
# nil unless set elsewhere. Confirm which names are intended.
#
# @param params [Hash] options; only :verbose is read here (defaults to false)
def initialize (params ={})
  @verbose = params.fetch(:verbose, false)
  here = File.dirname(__FILE__)
  # "OperStatus" report, exported with "ALL" selected for all fields.
  @prime_operator_status_report = here+"/../../data/fis_prime/Prime_Operator_Status_Report.xml"
  # "OperRights" report.
  @prime_operator_rights_report = here+"/../../data/fis_prime/Prime_Operator_Rights_Report.xml"
  # "RolesRights" report, exported with "ALL" selected for all fields.
  @prime_rights_by_role_report = here+"/../../data/fis_prime/Prime_Rights_by_Role_Report.xml"
  # "OperRoles" report, exported with "BOTH" selected for all fields.
  @prime_operators_roles_report = here+"/../../data/fis_prime/Prime_Operators_and_Roles_Report.xml"
  # Flat file mapping FIS Prime operators to AD users.
  @file_prime_user_map = here+"/../../data/fis_prime/prime_user_map.txt"

  # Load the local cache file of already-known operator -> AD mappings.
  @prime_2_ad_user = load_known_user_map_from_file(@file_prime_user_map)

  # Fill the operator entitlement data from the three native reports, in this order.
  parse_operator_status_report(@prime_operator_status_report)
  parse_operator_right_report(@prime_operator_rights_report)
  parse_operators_and_roles_report(@prime_operators_roles_report)

  # Attach the AD DN (foreign key) to every operator record, then persist the map.
  insert_dn
  save!

  # Role entitlements come from the rights-by-role report.
  @prime_role_entitlement = parse_rights_by_role_report(@prime_rights_by_role_report)
end

Instance Attribute Details

#file_user_mapObject

Class constant variables



# File 'lib/ucert/fis_prime_tracker.rb', line 16

# Reader for @file_user_map.
# NOTE(review): the constructor stores the user map path in @file_prime_user_map,
# not @file_user_map, so this returns nil unless the attribute is assigned
# separately. Confirm the intended name.
def file_user_map; @file_user_map; end

#prime_2_ad_userObject (readonly)

Returns the value of attribute prime_2_ad_user.



# File 'lib/ucert/fis_prime_tracker.rb', line 17

# Reader for @prime_2_ad_user, the cached operator-to-AD map that the
# constructor loads from the user map file and #insert_dn consults first.
def prime_2_ad_user; @prime_2_ad_user; end

#prime_operator_entitlementObject (readonly)

Returns the value of attribute prime_operator_entitlement.



# File 'lib/ucert/fis_prime_tracker.rb', line 17

# Reader for @prime_operator_entitlement, the per-operator records that the
# report parsers fill in and #insert_dn extends with a 'DN' entry.
def prime_operator_entitlement; @prime_operator_entitlement; end

#prime_operator_right_reportObject

Class constant variables



# File 'lib/ucert/fis_prime_tracker.rb', line 16

# Reader for @prime_operator_right_report.
# NOTE(review): the constructor assigns @prime_operator_rights_report ("rights",
# plural), so this returns nil unless the attribute is assigned separately.
# Confirm the intended name.
def prime_operator_right_report; @prime_operator_right_report; end

#prime_operator_status_reportObject

Class constant variables



# File 'lib/ucert/fis_prime_tracker.rb', line 16

# Reader for @prime_operator_status_report, the path of the exported
# operator status report that the constructor sets and parses.
def prime_operator_status_report; @prime_operator_status_report; end

#prime_role_entitlementObject (readonly)

Returns the value of attribute prime_role_entitlement.



# File 'lib/ucert/fis_prime_tracker.rb', line 17

# Reader for @prime_role_entitlement, which the constructor assigns from the
# result of parsing the rights-by-role report.
def prime_role_entitlement; @prime_role_entitlement; end

#verboseObject

Class constant variables



# File 'lib/ucert/fis_prime_tracker.rb', line 16

# Reader for @verbose, the flag the constructor takes from params[:verbose]
# (false by default) and that gates the progress messages printed with puts.
def verbose; @verbose; end

Instance Method Details

#code_2_index(code) ⇒ Object

Retrieve the operator index from the @prime_operator_entitlement data structure



# File 'lib/ucert/fis_prime_tracker.rb', line 279

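# Retrieve the operator index from the @prime_operator_entitlement data structure.
#
# Indexes 1..count are probed in order. A missing slot is skipped instead of
# raising, and the error path returns the same 0 sentinel as "not found": the
# caller only tests for 0, so the nil previously returned after a rescued
# exception slipped past that check.
#
# @param code [String] value to match against each record's "Operator.Code"
# @return [Integer] index of the first matching record, or 0 when there is no
#   match or the lookup failed
def code_2_index (code)
  begin
    found = (1..@prime_operator_entitlement.count).find do |index|
      record = @prime_operator_entitlement[index]
      record && record["Operator.Code"] == code
    end
    return found || 0
  rescue => ee
    puts "Exception on method #{__method__}: #{ee}"
    return 0
  end
end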

#fis_prime_search_by_dn(dn) ⇒ Object Also known as: search_by_dn

Search Operator entitlement record by AD DN



# File 'lib/ucert/fis_prime_tracker.rb', line 376

# Search the operator entitlement records by AD DN.
#
# @param dn [String] distinguished name to look for in each record's 'DN' entry
# @return [Object, nil] the first record whose 'DN' eql? dn; nil when nothing
#   matches or when an exception was rescued (the message is printed)
def fis_prime_search_by_dn (dn)
  puts "Perform search on the operator entitlement records by AD DN: #{dn}" if @verbose
  hit = @prime_operator_entitlement.find do |key, _record|
    @prime_operator_entitlement[key]['DN'].eql? dn
  end
  hit && hit.last
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#insert_dnObject

Procedure to add the additional field ‘dn’ into the @prime_operator_entitlement data structure, by performing the AD search



# File 'lib/ucert/fis_prime_tracker.rb', line 291

# Add a 'DN' entry (foreign key into the AD user table) to every record in
# @prime_operator_entitlement.
#
# Lookup order per operator:
#   1. the local cache @prime_2_ad_user, keyed by "CODE:USERNAME" in upper case;
#      a cached DN that the AD tracker no longer knows goes through update_dn
#   2. search_ad on the operator e-mail, or the user name when the e-mail is empty
#   3. search_ad on the operator code, only when step 2 returned nil
#
# NOTE(review): steps 2 and 3 accept whatever search_ad returns for a loose
# keyword. A wrong match would attach this operator's entitlements to another
# person's AD account, so confirm how search_ad disambiguates.
# NOTE(review): any exception stops the loop and is only printed, leaving the
# remaining operators without a 'DN'.
#
# @return [nil]
def insert_dn
  ad_tracker = Ucert::AdTracker.new
  @prime_operator_entitlement.each do |id, record|
    cache_key = record['Operator.Code'].upcase + ':' + record['Operator.UserName'].upcase
    puts "Perform search from the local cache first: #{cache_key}" if @verbose
    if @prime_2_ad_user.key?(cache_key)
      dn = @prime_2_ad_user[cache_key]
      # Refresh a cached DN that no longer exists among the AD person records.
      dn = update_dn(ad_tracker,dn) unless ad_tracker.ad_person_records.key?(dn)
      puts "Found in the local cache file: #{dn}" if @verbose
    else
      keyword = record["Operator.Email"].empty? ? record["Operator.UserName"] : record["Operator.Email"]
      puts "Perform 2nd order search only if the 1st one fail, by using: #{keyword}" if @verbose
      dn = search_ad(keyword)
      if dn.nil?
        keyword = record['Operator.Code']
        puts "Perform 3rd order search only if the 2nd one fail, by using: #{keyword}" if @verbose
        dn = search_ad(keyword)
      end
    end
    @prime_operator_entitlement[id]['DN'] = dn
  end
  # Keep the nil return value of the original.
  nil
rescue => ee
  puts "Exception on method #{__method__}: #{ee}"
end

#parse_operator_right_report(file) ⇒ Object

Parsing the FIS Prime Operator Rights report in XML format, insert the additional entitlement information into our data structure



# File 'lib/ucert/fis_prime_tracker.rb', line 110

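# Parse the FIS Prime Operator Rights report (XML export) and merge the extra
# operator attributes and per-right entitlement details into
# @prime_operator_entitlement.
#
# Changes from the previous version:
# * A Group whose operator code is unknown is now skipped. Previously `break`
#   only left the header loop, the Details loop then dereferenced index 0, and
#   the rescued exception silently dropped every remaining Group in the report.
# * The report file handle is closed once parsing is done.
#
# NOTE(review): operator_index is not reset per Group, so a Group without a
# "Field8" header reuses the index of the previous Group. Confirm this matches
# the report layout; otherwise rights could be attached to the wrong operator.
# NOTE(review): field.children[1] is assumed to exist for every matched Field.
#
# @param file [String] path of the exported Operator Rights report
# @return [Object, nil] the operator entitlement structure, or nil when an
#   exception was rescued (the message is printed)
def parse_operator_right_report (file)
  begin
    # Report field name => key stored on the operator record.
    header_keys = {
      "Field11" => "Operator.Branch",
      "Field12" => "Operator.Dept",
      "Field20" => "Operator.Enabled",
      "Field23" => "Operator.Deleted"
    }
    # Report field name => key stored on a single entitlement.
    detail_keys = {
      "Field2" => "ScopeText",
      "Field3" => "OperRights.Right",
      "Field4" => "OperRights.ObjBranch",
      "Field5" => "OperRights.ObjDept",
      "Field6" => "OperRights.ObjOper"
    }
    operator_index = 0
    # Block form closes the file as soon as Nokogiri has read the document.
    xml_doc = File.open(file) { |report| Nokogiri::XML(report) }
    xml_doc.css("Group").each do |record|
      record.css("GroupHeader Field").each do |field|
        puts "Attributes: #{field.attributes["Name"]}, #{field.attributes["FieldName"]}; Exacted Value: #{field.children[1].text}" if @verbose
        name = field.attributes["Name"].text.strip
        if name == "Field8"
          # Built-in consistency check between the XML reports: 0 (or nil) means
          # the operator code is not present in the entitlement structure.
          operator_index = code_2_index(field.children[1].text) || 0
          break if operator_index == 0
          @prime_operator_entitlement[operator_index]["Operator.Code"] ||= field.children[1].text
        elsif header_keys.key?(name)
          @prime_operator_entitlement[operator_index][header_keys[name]] ||= field.children[1].text
        end
      end
      # Skip the current record instead of dereferencing the 0 sentinel below.
      if operator_index == 0
        puts "Skip report group without a matching operator record in #{file}"
        next
      end
      # Record the entitlement details.
      record.css("Details").each do |detail|
        entitlement = {}
        detail.css("Field").each do |field|
          puts "Attributes: #{field.attributes["Name"].text.strip}, #{field.attributes["FieldName"]}; Exacted Value: #{field.children[1].text}" if @verbose
          key = detail_keys[field.attributes["Name"].text.strip]
          entitlement[key] ||= field.children[1].text if key
          operator = @prime_operator_entitlement[operator_index]
          operator["Entitlements"] = {} unless operator.key?("Entitlements")
          # Entitlements are keyed by right name; later fields fill the same hash.
          operator["Entitlements"][entitlement['OperRights.Right']] = entitlement if entitlement.key?('OperRights.Right')
        end
      end
    end
    return prime_operator_entitlement
  rescue => ee
    puts "Exception on method #{__method__}: #{ee}"
  end
end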