-
Notifications
You must be signed in to change notification settings - Fork 9
/
alicloud_ram_user.rb
125 lines (108 loc) · 3.22 KB
/
alicloud_ram_user.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
require 'alicloud_backend'
class AliCloudRamUser < AliCloudResourceBase
name 'alicloud_ram_user'
desc 'Verifies settings for AliCloud ram users.'
example <<-EXAMPLE
# Ensure a user exists
describe alicloud_ram_user('ALICLOUD_USER_NAME') do
it {should exist}
end
EXAMPLE
attr_reader :user_name, :user_id, :display_name, :comments, :email,
:mobile_phone, :create_date, :update_date, :last_login_date,
:access_keys, :active_access_keys
def initialize(opts = {})
opts = { user_name: opts } if opts.is_a?(String)
super(opts)
@opts = opts
validate_parameters(required: %i(user_name region))
@resp = fetch_user_info(opts)
return if @resp.nil?
@user = @resp
@user_name = @user['UserName']
@user_id = @user['UserId']
@display_name = @user['DisplayName']
@comments = @user['Comments']
@email = @user['Email']
@mobile_phone = @user['MobilePhone']
@create_date = @user['CreateDate']
@update_date = @user['UpdateDate']
@last_login_date = @user['LastLoginDate']
login_profile = fetch_login_profile(opts)
@has_console_access = login_profile.nil? ? false : true
access_keys = fetch_access_keys(opts)
@access_keys = access_keys.nil? ? [] : access_keys.map { |x| x['AccessKeyId'] }
@active_access_keys = if access_keys.nil?
[]
else
access_keys.select do |x|
x['Status'] == 'Active'
end.map { |x| x['AccessKeyId'] }
end
@has_active_access_key = @active_access_keys != []
@has_console_and_key_access = has_console_and_key_access?
end
def has_console_and_key_access?
@has_console_access && !@active_access_keys.nil? && @active_access_keys != []
end
def has_console_access?
@has_console_access
end
def has_active_access_key?
@has_active_access_key
end
def fetch_user_info(opts)
catch_alicloud_errors('EntityNotExist.User') do
resp = @alicloud.ram_client.request(
action: 'GetUser',
params: {
'RegionId': opts[:region],
'UserName': opts[:user_name],
},
opts: {
method: 'POST',
},
)['User']
return resp
end
end
def fetch_login_profile(opts)
catch_alicloud_errors('EntityNotExist.User.LoginProfile') do
resp = @alicloud.ram_client.request(
action: 'GetLoginProfile',
params: {
'RegionId': opts[:region],
'UserName': opts[:user_name],
},
opts: {
method: 'POST',
},
)['LoginProfile']
return resp
end
end
def fetch_access_keys(opts)
catch_alicloud_errors do
resp = @alicloud.ram_client.request(
action: 'ListAccessKeys',
params: {
'RegionId': opts[:region],
'UserName': opts[:user_name],
},
opts: {
method: 'POST',
},
)['AccessKeys']['AccessKey']
return resp
end
end
def exists?
end
def resource_id
@user_id
end
def to_s
"AliCloud RAM User #{@opts[:user_name]}"
end
end