replicator_scripts.go
// Code generated by go generate; DO NOT EDIT.
package main
// CARP_USER_REPLICATION holds the Groovy source of the user replication
// script. The script resolves Nexus security components (SecuritySystem,
// the "default" authorization manager), so it is presumably uploaded to and
// run by Nexus; confirm against the caller.
//
// What the script does, as written:
//   - parses its `args` string as JSON into carpUser and reads the fields
//     Username, FirstName, LastName, Email and Groups;
//   - if the user exists, updates first name, last name and e-mail only
//     (active status and password are left alone);
//   - on UserNotFoundException, creates an active user with the default role
//     "cesUser" and a 16-character password drawn with SecureRandom; the
//     password is only passed to addUser, never logged or returned;
//   - removes the "cesAdminGroup" role, then for every entry in
//     carpUser.Groups looks up a role with that id, creates an empty one
//     (no privileges, no nested roles) if it is missing, and adds it to the
//     user.
//
// NOTE(review), security-relevant points to raise against the Groovy source:
//   - Role revocation is partial. Only "cesAdminGroup" is removed before the
//     groups are re-added, so any other role granted on an earlier run stays
//     on the user after the group membership is gone, unless something
//     outside this script cleans it up.
//   - Group names are used verbatim as role ids. A group whose name equals an
//     existing role is granted as that role, so the component that supplies
//     `args` decides Nexus authorization and must be trusted and
//     authenticated; consider an allow-list or a prefix for replicated roles.
//   - log.info('update user ' + carpUser) writes the whole parsed object,
//     including name and e-mail address, to the log on every update.
//   - RandomStringUtils.random is called with letters=true and numbers=true;
//     in commons-lang 2.x that appears to keep only letters and digits, so
//     the punctuation in VALID_PW_CHARS is likely never emitted. Confirm
//     against the library version shipped with Nexus.
//
// This file is generated (see the header comment), so fixes belong in the
// Groovy source the generator reads. The `+ "`" +` splice in the
// VALID_PW_CHARS line exists because a Go raw string cannot contain a
// backtick.
const CARP_USER_REPLICATION = `import groovy.json.JsonSlurper
import org.sonatype.nexus.security.user.UserNotFoundException
import org.sonatype.nexus.security.role.*
import org.apache.commons.lang.*
import java.security.SecureRandom
import org.sonatype.nexus.security.SecuritySystem
def securitySystem = container.lookup(SecuritySystem.class.name)
def authManager = securitySystem.getAuthorizationManager("default")
// parse json formatted carp user, which is send as argument for the script
def carpUser = new JsonSlurper().parseText(args)
// default role for new users
def defaultRole = ['cesUser']
try {
log.info('update user ' + carpUser)
def user = security.securitySystem.getUser(carpUser.Username)
user.setFirstName(carpUser.FirstName)
user.setLastName(carpUser.LastName)
user.setEmailAddress(carpUser.Email)
// active status and password are not changed
security.securitySystem.updateUser(user)
} catch (UserNotFoundException ex) {
log.info('create user ' + carpUser.Username)
// user not found, create a new one
// id, firstName, lastName, Email, active, password, arrayOfRoles
String VALID_PW_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!\"#\$%&'()*+,-./:;<=>?@[\\]^_` + "`" +`{|}~";
String randomUserPassword = org.apache.commons.lang.RandomStringUtils.random(16, 0, VALID_PW_CHARS.length(), true, true, VALID_PW_CHARS.toCharArray(), new SecureRandom());
security.addUser(carpUser.Username, carpUser.FirstName, carpUser.LastName, carpUser.Email, true, randomUserPassword, defaultRole)
}
// map groups to nexus roles
// remove user from admin group; will be added again, if still in it
user = security.securitySystem.getUser(carpUser.Username)
user.removeRole(new RoleIdentifier("default", "cesAdminGroup"))
security.securitySystem.updateUser(user)
// add roles to user
for (group in carpUser.Groups){
Role currentRole
try{
currentRole = authManager.getRole(group)
} catch (NoSuchRoleException noSuchRoleException){
log.info('creating role ' + group)
def newRole = new Role(
roleId: group,
source: "",
name: group,
description: "",
readOnly: false,
privileges: [],
roles: []
)
security.addRole(group, group, "", [], [])
currentRole = newRole
}
user = security.securitySystem.getUser(carpUser.Username)
log.info('Adding role ' + currentRole.getRoleId() + ' to user ' + user.getUserId())
presentRole = authManager.getRole(currentRole.getRoleId())
user.addRole(new RoleIdentifier(presentRole.getSource(), presentRole.getRoleId()))
security.securitySystem.updateUser(user)
}
`