feat: [#440] Create user and assign roles.

030 · Jan 20, 2024 · 5997cca · 5997cca
1 parent 5f17ced
commit 5997cca
Show file tree

Hide file tree

Showing 12 changed files with 521 additions and 11 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -4,12 +4,12 @@ updates:
   - package-ecosystem: 'docker'
     directory: '/'
     schedule:
-      interval: 'weekly'
+      interval: 'daily'
   - package-ecosystem: 'github-actions'
     directory: '/'
     schedule:
-      interval: 'weekly'
+      interval: 'daily'
   - package-ecosystem: 'gomod'
     directory: '/'
     schedule:
-      interval: 'weekly'
+      interval: 'daily'
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -9,10 +9,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/[email protected]
-      - name: Set up Go
-        uses: actions/[email protected]
+      - uses: actions/[email protected]
         with:
-          go-version: 1.19.0
+          go-version-file: 'go.mod'
+          cache: false
       - name: Install bats
         run: |
           set -x

diff --git a/cmd/n3dr/configRole.go b/cmd/n3dr/configRole.go
@@ -0,0 +1,85 @@
+package main
+
+import (
+	"github.com/030/n3dr/internal/app/n3dr/config/user"
+	"github.com/030/n3dr/internal/app/n3dr/connection"
+	"github.com/030/n3dr/internal/app/n3dr/goswagger/models"
+	log "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+var downloadRole, uploadRole bool
+
+// configUserCmd represents the configUser command.
+var configRoleCmd = &cobra.Command{
+	Use:   "configRole",
+	Short: "Configure roles.",
+	Long: `Create roles.
+
+Examples:
+  # Create a download role:
+  n3dr configRole --downloadRole
+
+  # Create an upload role:
+  n3dr configRole --uploadRole
+`,
+	Run: func(cmd *cobra.Command, args []string) {
+		if !downloadRole && !uploadRole {
+			log.Fatal("either the downloadRole or uploadRole is required")
+		}
+
+		acu := models.APICreateUser{
+			EmailAddress: email,
+			FirstName:    firstName,
+			LastName:     lastName,
+			Password:     pass,
+			UserID:       id,
+		}
+		n := connection.Nexus3{
+			FQDN:  n3drURL,
+			HTTPS: &https,
+			Pass:  n3drPass,
+			User:  n3drUser,
+		}
+		u := user.User{APICreateUser: acu, Nexus3: n}
+
+		if downloadRole {
+			u.Roles = []string{"nx-download"}
+			rr := models.RoleXORequest{
+				ID:   "nx-download",
+				Name: "nx-download",
+				Privileges: []string{
+					"nx-repository-view-*-*-browse",
+					"nx-repository-view-*-*-read",
+				},
+			}
+			r := user.Role{RoleXORequest: rr, Nexus3: n}
+			if err := r.CreateRole(); err != nil {
+				log.Fatal(err)
+			}
+		}
+
+		if uploadRole {
+			u.Roles = []string{"nx-upload"}
+			rr := models.RoleXORequest{
+				ID:   "nx-upload",
+				Name: "nx-upload",
+				Privileges: []string{
+					"nx-repository-view-*-*-add",
+					"nx-repository-view-*-*-edit",
+				},
+			}
+			r := user.Role{RoleXORequest: rr, Nexus3: n}
+			if err := r.CreateRole(); err != nil {
+				log.Fatal(err)
+			}
+		}
+	},
+}
+
+func init() {
+	rootCmd.AddCommand(configRoleCmd)
+
+	configRoleCmd.Flags().BoolVar(&downloadRole, "downloadRole", false, "Whether a download role should be created")
+	configRoleCmd.Flags().BoolVar(&uploadRole, "uploadRole", false, "Whether an upload role should be created")
+}
diff --git a/cmd/n3dr/configUser.go b/cmd/n3dr/configUser.go
@@ -9,8 +9,9 @@ import (
 )
 
 var (
-	admin, changePass, downloadUser, uploadUser bool
-	email, firstName, id, lastName, pass        string
+	admin, changePass, custom, downloadUser, uploadUser bool
+	email, firstName, id, lastName, pass                string
+	roles                                               []string
 )
 
 // configUserCmd represents the configUser command.
@@ -20,12 +21,15 @@ var configUserCmd = &cobra.Command{
 	Long: `Create users or change their passwords.
 
 Examples:
+  # Create a custom user and assign certain roles:
+  n3dr configUser --pass some-pass --email [email protected] --firstName build --id build --lastName build --roles nx-download,nx-upload --custom
+
   # Change the admin password:
   n3dr configUser --changePass --https=false --n3drUser admin --n3drURL nexus3:8081 --n3drPass initial-pass --pass some-pass --email [email protected] --firstName admin --id admin --lastName admin
 `,
 	Run: func(cmd *cobra.Command, args []string) {
-		if !admin && !downloadUser && !uploadUser && !changePass {
-			log.Fatal("either the admin, changePass, downloadUser or uploadUser is required")
+		if !admin && !custom && !downloadUser && !uploadUser && !changePass {
+			log.Fatal("either the admin, custom, changePass, create, downloadUser or uploadUser is required")
 		}
 
 		acu := models.APICreateUser{
@@ -50,6 +54,15 @@ Examples:
 			}
 		}
 
+		if custom {
+			u.Roles = roles
+			log.Info("roles:", u)
+
+			if err := u.Create(); err != nil {
+				log.Fatal(err)
+			}
+		}
+
 		if downloadUser {
 			u.Roles = []string{"nx-download"}
 			rr := models.RoleXORequest{
@@ -125,7 +138,10 @@ func init() {
 	}
 
 	configUserCmd.Flags().BoolVar(&admin, "admin", false, "Whether a user should be admin")
+	configUserCmd.Flags().BoolVar(&custom, "custom", false, "Create a user and assign certain roles")
 	configUserCmd.Flags().BoolVar(&downloadUser, "downloadUser", false, "Whether a user should be able to download")
 	configUserCmd.Flags().BoolVar(&uploadUser, "uploadUser", false, "Whether a user should be able to upload")
 	configUserCmd.Flags().BoolVar(&changePass, "changePass", false, "Whether a pass should be changed")
+
+	configUserCmd.Flags().StringArrayVar(&roles, "roles", nil, "Which roles have to be assigned to the custom user")
 }
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/030/n3dr
 
-go 1.21
+go 1.21.5
 
 require (
 	github.com/030/logging v0.1.2
@@ -14,8 +14,10 @@ require (
 	github.com/go-openapi/validate v0.22.3
 	github.com/go-playground/validator/v10 v10.15.5
 	github.com/hashicorp/go-retryablehttp v0.7.5
+	github.com/lib/pq v0.0.0-20180327071824-d34b9ff171c2
 	github.com/mholt/archiver/v3 v3.5.1
 	github.com/mitchellh/go-homedir v1.1.0
+	github.com/ory/dockertest/v3 v3.10.0
 	github.com/samber/lo v1.39.0
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.8.0
@@ -25,9 +27,18 @@ require (
 )
 
 require (
+	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
+	github.com/Microsoft/go-winio v0.6.0 // indirect
+	github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
 	github.com/andybalholm/brotli v1.0.6 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
+	github.com/cenkalti/backoff/v4 v4.1.3 // indirect
+	github.com/containerd/continuity v0.3.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/docker/cli v20.10.17+incompatible // indirect
+	github.com/docker/docker v20.10.7+incompatible // indirect
+	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
 	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
@@ -40,10 +51,13 @@ require (
 	github.com/go-openapi/spec v0.20.9 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/uuid v1.5.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
@@ -54,12 +68,17 @@ require (
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mholt/archiver/v4 v4.0.0-alpha.7 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/moby/term v0.0.0-20201216013528-df9cb8a40635 // indirect
 	github.com/nwaples/rardecode v1.1.0 // indirect
 	github.com/nwaples/rardecode/v2 v2.0.0-beta.2 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/opencontainers/image-spec v1.0.2 // indirect
+	github.com/opencontainers/runc v1.1.5 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
 	github.com/pierrec/lz4/v4 v4.1.18 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/sagikazarmark/locafero v0.3.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
@@ -74,16 +93,21 @@ require (
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/ulikunitz/xz v0.5.11 // indirect
+	github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect
+	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
+	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	go.mongodb.org/mongo-driver v1.13.1 // indirect
 	go.opentelemetry.io/otel v1.14.0 // indirect
 	go.opentelemetry.io/otel/trace v1.14.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/crypto v0.14.0 // indirect
+	golang.org/x/mod v0.13.0 // indirect
 	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/sys v0.13.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/tools v0.14.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect