Class: Ucert::FisPrimeTracker
- Inherits: Object
  - Object
  - Ucert::FisPrimeTracker
- Includes: Utils
- Defined in: lib/ucert/fis_prime_tracker.rb
Overview
Class to handle FIS Prime user account IDs
Instance Attribute Summary
- #file_user_map ⇒ Object
  Class constant variables.
- #prime_2_ad_user ⇒ Object (readonly)
  Returns the value of attribute prime_2_ad_user.
- #prime_operator_entitlement ⇒ Object (readonly)
  Returns the value of attribute prime_operator_entitlement.
- #prime_operator_right_report ⇒ Object
  Class constant variables.
- #prime_operator_status_report ⇒ Object
  Class constant variables.
- #prime_role_entitlement ⇒ Object (readonly)
  Returns the value of attribute prime_role_entitlement.
- #verbose ⇒ Object
  Class constant variables.
Instance Method Summary
- #code_2_index(code) ⇒ Object
  Retrieve the operator index from the @prime_operator_entitlement data structure.
- #fis_prime_search_by_dn(dn) ⇒ Object (also: #search_by_dn)
  Search Operator entitlement record by AD DN.
- #initialize(params = {}) ⇒ FisPrimeTracker (constructor)
  Instance default variables.
- #insert_dn ⇒ Object
  Procedure to add the additional field 'dn' into the @prime_operator_entitlement data structure, by performing the AD search.
- #parse_operator_right_report(file) ⇒ Object
  Parse the FIS Prime Operator Rights report in XML format and insert the additional entitlement information into our data structure.
Methods included from Utils
#file_2_list, #is_fqdn?, #is_ip?, #is_url?, #list_2_file, #load_known_user_map_from_file, #nslookup, #search_ad, #update_dn
Constructor Details
#initialize(params = {}) ⇒ FisPrimeTracker
Instance default variables
# File 'lib/ucert/fis_prime_tracker.rb', line 20

def initialize(params = {})
  @verbose = params.fetch(:verbose, false)
  # FIS Prime operator status report generation: Log on to Prime, under "ANALYTICS", choose "Security Reports" ->
  # "OperStatus"; select "ALL" for all fields, click "OK" button; click "Export this report" icon, then select "XML",
  # then select "XML" as the output format, click "OK"
  @prime_operator_status_report = File.dirname(__FILE__) + "/../../data/fis_prime/Prime_Operator_Status_Report.xml"
  # FIS Prime operator rights report generation: Log on to Prime, under "ANALYTICS", choose "Security Reports" ->
  # "OperRights"; click "Export this report" icon, then select "XML",
  # then select "XML" as the output format, click "OK"
  @prime_operator_rights_report = File.dirname(__FILE__) + "/../../data/fis_prime/Prime_Operator_Rights_Report.xml"
  # FIS Prime Rights by Role report generation: Log on to Prime, under "ANALYTICS", choose "Security Reports" ->
  # "RolesRights"; select "ALL" for all fields, click "OK" button; click "Export this report" icon, then select "XML",
  # then select "XML" as the output format, click "OK"
  @prime_rights_by_role_report = File.dirname(__FILE__) + "/../../data/fis_prime/Prime_Rights_by_Role_Report.xml"
  # FIS Prime Operators and Roles report generation: Log on to Prime, under "ANALYTICS", choose "Security Reports" ->
  # "OperRoles"; select "BOTH" for all fields, click "OK" button; click "Export this report" icon, then select "XML",
  # then select "XML" as the output format, click "OK"
  @prime_operators_roles_report = File.dirname(__FILE__) + "/../../data/fis_prime/Prime_Operators_and_Roles_Report.xml"
  # FIS Prime to AD user map file
  @file_prime_user_map = File.dirname(__FILE__) + "/../../data/fis_prime/prime_user_map.txt"
  # load the local cache file
  @prime_2_ad_user = load_known_user_map_from_file(@file_prime_user_map)
  # Load the user entitlement instance variable from the following 3 native FIS Prime reports
  parse_operator_status_report(@prime_operator_status_report)
  parse_operator_right_report(@prime_operator_rights_report)
  parse_operators_and_roles_report(@prime_operators_roles_report)
  # Procedure to add the DN foreign key to @prime_operator_entitlement, by using key1 key2 to perform the AD search
  insert_dn
  # save user map to the local file
  save!
  # Load the role entitlement instance variable from the native FIS Prime reports
  @prime_role_entitlement = parse_rights_by_role_report(@prime_rights_by_role_report)
end
Instance Attribute Details
#file_user_map ⇒ Object
Class constant variables
# File 'lib/ucert/fis_prime_tracker.rb', line 16

def file_user_map
  @file_user_map
end
#prime_2_ad_user ⇒ Object (readonly)
Returns the value of attribute prime_2_ad_user.
# File 'lib/ucert/fis_prime_tracker.rb', line 17

def prime_2_ad_user
  @prime_2_ad_user
end
#prime_operator_entitlement ⇒ Object (readonly)
Returns the value of attribute prime_operator_entitlement.
# File 'lib/ucert/fis_prime_tracker.rb', line 17

def prime_operator_entitlement
  @prime_operator_entitlement
end
#prime_operator_right_report ⇒ Object
Class constant variables
# File 'lib/ucert/fis_prime_tracker.rb', line 16

def prime_operator_right_report
  @prime_operator_right_report
end
#prime_operator_status_report ⇒ Object
Class constant variables
# File 'lib/ucert/fis_prime_tracker.rb', line 16

def prime_operator_status_report
  @prime_operator_status_report
end
#prime_role_entitlement ⇒ Object (readonly)
Returns the value of attribute prime_role_entitlement.
# File 'lib/ucert/fis_prime_tracker.rb', line 17

def prime_role_entitlement
  @prime_role_entitlement
end
#verbose ⇒ Object
Class constant variables
# File 'lib/ucert/fis_prime_tracker.rb', line 16

def verbose
  @verbose
end
Instance Method Details
#code_2_index(code) ⇒ Object
Retrieve the operator index from the @prime_operator_entitlement data structure
# File 'lib/ucert/fis_prime_tracker.rb', line 279

def code_2_index(code)
  begin
    # Operator indexes start at 1; a return value of 0 means the code was not found
    (1..@prime_operator_entitlement.count).each do |index|
      return index if @prime_operator_entitlement[index]["Operator.Code"] == code
    end
    return 0
  rescue => ee
    puts "Exception on method #{__method__}: #{ee}"
  end
end
#fis_prime_search_by_dn(dn) ⇒ Object Also known as: search_by_dn
Search Operator entitlement record by AD DN
# File 'lib/ucert/fis_prime_tracker.rb', line 376

def fis_prime_search_by_dn(dn)
  begin
    puts "Perform search on the operator entitlement records by AD DN: #{dn}" if @verbose
    @prime_operator_entitlement.each do |key, val|
      return val if @prime_operator_entitlement[key]['DN'].eql? dn
    end
    return nil
  rescue => ee
    puts "Exception on method #{__method__}: #{ee}"
  end
end
#insert_dn ⇒ Object
Procedure to add the additional field 'dn' into the @prime_operator_entitlement data structure, by performing the AD search
# File 'lib/ucert/fis_prime_tracker.rb', line 291

def insert_dn
  begin
    # Insert the foreign key pointing back to the AD user table
    tracker = Ucert::AdTracker.new
    @prime_operator_entitlement.each do |id, record|
      my_key = record['Operator.Code'].upcase + ':' + record['Operator.UserName'].upcase
      puts "Perform search from the local cache first: #{my_key}" if @verbose
      if @prime_2_ad_user.key?(my_key)
        dn = @prime_2_ad_user[my_key]
        # additional logic to update the existing DN record
        unless tracker.ad_person_records.key?(dn)
          dn = update_dn(tracker, dn)
        end
        puts "Found in the local cache file: #{dn}" if @verbose
      else
        # Not cached: search AD by email, or by user name when no email is recorded
        if record["Operator.Email"].empty?
          keyword = record["Operator.UserName"]
        else
          keyword = record["Operator.Email"]
        end
        puts "Perform 2nd order search only if the 1st one fail, by using: #{keyword}" if @verbose
        dn = search_ad(keyword)
        if dn.nil?
          # Last resort: search AD by the operator code
          keyword = record['Operator.Code']
          puts "Perform 3rd order search only if the 2nd one fail, by using: #{keyword}" if @verbose
          dn = search_ad(keyword)
        end
      end
      @prime_operator_entitlement[id]['DN'] = dn
    end
    tracker = nil
  rescue => ee
    puts "Exception on method #{__method__}: #{ee}"
  end
end
#parse_operator_right_report(file) ⇒ Object
Parse the FIS Prime Operator Rights report in XML format and insert the additional entitlement information into our data structure
# File 'lib/ucert/fis_prime_tracker.rb', line 110

def parse_operator_right_report(file)
  begin
    #prime_operator_entitlement=Hash.new
    operator_index = 0
    xml_doc = Nokogiri::XML(File.open(file))
    xml_doc.css("Group").each do |record|
      record.css("GroupHeader Field").each do |field|
        puts "Attributes: #{field.attributes["Name"]}, #{field.attributes["FieldName"]}; Exacted Value: #{field.children[1].text}" if @verbose
        case field.attributes["Name"].text.strip
        when "Field8"
          # Built-in validation logic to check the consistency of the XML reports, skip the current record if a consistency problem is found
          operator_index = code_2_index(field.children[1].text)
          break if operator_index == 0
          @prime_operator_entitlement[operator_index]["Operator.Code"] = field.children[1].text unless @prime_operator_entitlement[operator_index]["Operator.Code"]
        when "Field11"
          @prime_operator_entitlement[operator_index]["Operator.Branch"] = field.children[1].text unless @prime_operator_entitlement[operator_index]["Operator.Branch"]
        when "Field12"
          @prime_operator_entitlement[operator_index]["Operator.Dept"] = field.children[1].text unless @prime_operator_entitlement[operator_index]["Operator.Dept"]
        when "Field20"
          @prime_operator_entitlement[operator_index]["Operator.Enabled"] = field.children[1].text unless @prime_operator_entitlement[operator_index]["Operator.Enabled"]
        when "Field23"
          @prime_operator_entitlement[operator_index]["Operator.Deleted"] = field.children[1].text unless @prime_operator_entitlement[operator_index]["Operator.Deleted"]
        else
          # do nothing
        end
      end
      # The break above only leaves the header loop; skip the details of an unknown operator too,
      # otherwise index 0 has no record and the whole parse aborts in the rescue below
      next if operator_index == 0
      # recording entitlement details
      record.css("Details").each do |detail|
        entitlement = Hash.new
        detail.css("Field").each do |field|
          puts "Attributes: #{field.attributes["Name"].text.strip}, #{field.attributes["FieldName"]}; Exacted Value: #{field.children[1].text}" if @verbose
          case field.attributes["Name"].text.strip
          when "Field2"
            entitlement["ScopeText"] = field.children[1].text unless entitlement["ScopeText"]
          when "Field3"
            entitlement["OperRights.Right"] = field.children[1].text unless entitlement["OperRights.Right"]
          when "Field4"
            entitlement["OperRights.ObjBranch"] = field.children[1].text unless entitlement["OperRights.ObjBranch"]
          when "Field5"
            entitlement["OperRights.ObjDept"] = field.children[1].text unless entitlement["OperRights.ObjDept"]
          when "Field6"
            entitlement["OperRights.ObjOper"] = field.children[1].text unless entitlement["OperRights.ObjOper"]
          else
            # do nothing
          end
          @prime_operator_entitlement[operator_index]["Entitlements"] = Hash.new unless @prime_operator_entitlement[operator_index].key?("Entitlements")
          @prime_operator_entitlement[operator_index]["Entitlements"].merge!({entitlement['OperRights.Right'] => entitlement}) if entitlement.key?('OperRights.Right')
        end
      end
    end
    xml_doc = nil
    return prime_operator_entitlement
  rescue => ee
    puts "Exception on method #{__method__}: #{ee}"
  end
end
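An added example (not part of the ucert code base): a review pass over records shaped like @prime_operator_entitlement after insert_dn has run. It lists operators left without an AD DN and DNs assigned to more than one operator, both of which deserve a manual check because the fallback search matches on a keyword. The helper name review_dn_mapping and all sample values are constructed for illustration.

```ruby
# Constructed sample in the shape FisPrimeTracker builds (index => record).
# Every value below is made up; real reports may encode fields differently.
SAMPLE_OPERATORS = {
  1 => { "Operator.Code" => "JD01", "Operator.UserName" => "jdoe",
         "Operator.Enabled" => "True",
         "DN" => "CN=Jane Doe,OU=Users,DC=example,DC=com",
         "Entitlements" => { "RightA" => {}, "RightB" => {} } },
  2 => { "Operator.Code" => "SVC9", "Operator.UserName" => "batch",
         "Operator.Enabled" => "True", "DN" => nil,
         "Entitlements" => { "RightA" => {} } },
  3 => { "Operator.Code" => "JD02", "Operator.UserName" => "jdoe2",
         "Operator.Enabled" => "False",
         "DN" => "cn=jane doe,ou=users,dc=example,dc=com" },
  4 => { "Operator.Code" => "AB07", "Operator.UserName" => "abrown",
         "Operator.Enabled" => "True", "DN" => "" }
}.freeze

# Hypothetical helper: returns operators with no AD DN (orphans) and
# DNs that more than one operator record resolved to (shared_dn).
def review_dn_mapping(operators)
  orphans = []
  by_dn = Hash.new { |hash, key| hash[key] = [] }
  operators.each_value do |rec|
    dn = rec["DN"].to_s.strip
    if dn.empty?
      # No AD identity found: report the raw Enabled flag and the rights count
      orphans << { code: rec["Operator.Code"],
                   enabled: rec["Operator.Enabled"],
                   rights: rec.fetch("Entitlements", {}).size }
    else
      # AD distinguished names compare case-insensitively
      by_dn[dn.downcase] << rec["Operator.Code"]
    end
  end
  shared = by_dn.select { |_dn, codes| codes.size > 1 }
  { orphans: orphans, shared_dn: shared }
end

if __FILE__ == $PROGRAM_NAME
  report = review_dn_mapping(SAMPLE_OPERATORS)
  report[:orphans].each do |o|
    puts "NO DN   #{o[:code]} enabled=#{o[:enabled]} rights=#{o[:rights]}"
  end
  report[:shared_dn].each { |dn, codes| puts "SHARED  #{dn} <- #{codes.join(', ')}" }
end
```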