forked from redhat-openstack/openstack-puppet-modules
-
Notifications
You must be signed in to change notification settings - Fork 0
/
rabbitmqctl.rb
116 lines (97 loc) · 2.78 KB
/
rabbitmqctl.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
require 'puppet'
require 'set'
Puppet::Type.type(:rabbitmq_user).provide(:rabbitmqctl) do
if Puppet::PUPPETVERSION.to_f < 3
commands :rabbitmqctl => 'rabbitmqctl'
else
has_command(:rabbitmqctl, 'rabbitmqctl') do
environment :HOME => "/tmp"
end
end
defaultfor :feature => :posix
def self.instances
rabbitmqctl('-q', 'list_users').split(/\n/).collect do |line|
if line =~ /^(\S+)(\s+\[.*?\]|)$/
new(:name => $1)
else
raise Puppet::Error, "Cannot parse invalid user line: #{line}"
end
end
end
def create
rabbitmqctl('add_user', resource[:name], resource[:password])
if resource[:admin] == :true
make_user_admin()
end
if !resource[:tags].nil?
set_user_tags(resource[:tags])
end
end
def change_password
rabbitmqctl('change_password', resource[:name], resource[:password])
end
def password
nil
end
def check_password
response = rabbitmqctl('eval', 'rabbit_auth_backend_internal:check_user_login(<<"' + resource[:name] + '">>, [{password, <<"' + resource[:password] +'">>}]).')
if response.include? 'invalid credentials'
false
else
true
end
end
def destroy
rabbitmqctl('delete_user', resource[:name])
end
def exists?
rabbitmqctl('-q', 'list_users').split(/\n/).detect do |line|
line.match(/^#{Regexp.escape(resource[:name])}(\s+(\[.*?\]|\S+)|)$/)
end
end
def tags
get_user_tags.entries.sort
end
def tags=(tags)
if ! tags.nil?
set_user_tags(tags)
end
end
def admin
if usertags = get_user_tags
(:true if usertags.include?('administrator')) || :false
else
raise Puppet::Error, "Could not match line '#{resource[:name]} (true|false)' from list_users (perhaps you are running on an older version of rabbitmq that does not support admin users?)"
end
end
def admin=(state)
if state == :true
make_user_admin()
else
usertags = get_user_tags
usertags.delete('administrator')
rabbitmqctl('set_user_tags', resource[:name], usertags.entries.sort)
end
end
def set_user_tags(tags)
is_admin = get_user_tags().member?("administrator") \
|| resource[:admin] == :true
usertags = Set.new(tags)
if is_admin
usertags.add("administrator")
end
rabbitmqctl('set_user_tags', resource[:name], usertags.entries.sort)
end
def make_user_admin
usertags = get_user_tags
usertags.add('administrator')
rabbitmqctl('set_user_tags', resource[:name], usertags.entries.sort)
end
private
def get_user_tags
match = rabbitmqctl('-q', 'list_users').split(/\n/).collect do |line|
line.match(/^#{Regexp.escape(resource[:name])}\s+\[(.*?)\]/)
end.compact.first
Set.new(match[1].split(/, /)) if match
end
end