-
Notifications
You must be signed in to change notification settings - Fork 9
/
user.rb
118 lines (100 loc) · 3.16 KB
/
user.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
require "serverkit/resources/base"
require "unix_crypt"
module Serverkit
module Resources
class User < Base
attribute :gid, type: [Integer, String]
attribute :home, type: String
attribute :name, type: String, required: true
attribute :password, type: String
attribute :shell, type: String
attribute :system, type: [FalseClass, TrueClass]
attribute :uid, type: Integer
# @note Override
def apply
if has_correct_user?
update_user_encrypted_password unless has_correct_password?
update_user_gid unless has_correct_gid?
update_user_home_directory unless has_correct_home_directory?
update_user_login_shell unless has_correct_login_shell?
update_user_uid unless has_correct_uid?
else
add_user
end
end
# @note Override
def check
if !has_correct_user?
false
elsif !has_correct_gid?
false
elsif !has_correct_home_directory?
false
elsif !has_correct_password?
false
elsif !has_correct_login_shell?
false
elsif !has_correct_uid?
false
else
true
end
end
private
def add_user
run_command_from_identifier(
:add_user,
name,
gid: gid,
home_directory: home,
password: encrypted_password,
shell: shell,
system_user: system,
uid: uid,
)
end
# @return [String, nil]
def encrypted_password
unless password.nil?
@encrypted_password ||= UnixCrypt::SHA512.build(password)
end
end
def get_remote_encrypted_password
run_command_from_identifier(:get_user_encrypted_password, name).stdout
end
def has_correct_gid?
gid.nil? || check_command_from_identifier(:check_user_belongs_to_group, name, gid)
end
def has_correct_home_directory?
home.nil? || check_command_from_identifier(:check_user_has_home_directory, name, home)
end
def has_correct_login_shell?
shell.nil? || check_command_from_identifier(:check_user_has_login_shell, name, shell)
end
def has_correct_password?
password.nil? || ::UnixCrypt.valid?(password, get_remote_encrypted_password)
end
def has_correct_uid?
uid.nil? || check_command_from_identifier(:check_user_has_uid, name, uid)
end
def has_correct_user?
check_command_from_identifier(:check_user_exists, name)
end
def update_user_encrypted_password
run_command_from_identifier(:update_user_encrypted_password, name, encrypted_password)
end
def update_user_gid
run_command_from_identifier(:update_user_gid, name, gid)
end
def update_user_home_directory
run_command_from_identifier(:update_user_home_directory, name, home)
end
def update_user_login_shell
run_command_from_identifier(:update_user_login_shell, name, shell)
end
def update_user_uid
run_command_from_identifier(:update_user_uid, name, uid)
end
end
end
end