112 lines
3.4 KiB
Ruby
112 lines
3.4 KiB
Ruby
|
#
|
||
|
# Cookbook Name:: tomcat
|
||
|
# Library:: chef_tomcat_cookbook
|
||
|
#
|
||
|
# Author:: Jamie Winsor (<jamie@vialstudios.com>)
|
||
|
#
|
||
|
# Copyright 2010-2012, Opscode, Inc.
|
||
|
#
|
||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
# you may not use this file except in compliance with the License.
|
||
|
# You may obtain a copy of the License at
|
||
|
#
|
||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||
|
#
|
||
|
# Unless required by applicable law or agreed to in writing, software
|
||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
# See the License for the specific language governing permissions and
|
||
|
# limitations under the License.
|
||
|
#
|
||
|
|
||
|
class Chef
|
||
|
module TomcatCookbook
|
||
|
class TomcatCookbookError < StandardError; end
|
||
|
class InvalidUserDataBagItem < TomcatCookbookError
|
||
|
attr_reader :item
|
||
|
|
||
|
def initialize(item)
|
||
|
@item = item
|
||
|
end
|
||
|
|
||
|
def to_s
|
||
|
msg = "The item you provided: #{item.inspect} in the #{USERS_DATA_BAG} was invalid. Items "
|
||
|
msg << "require an 'id', 'password', and 'roles' field. Consult the documentation for further instructions."
|
||
|
end
|
||
|
end
|
||
|
|
||
|
class TomcatUserDataBagNotFound < TomcatCookbookError
|
||
|
def to_s
|
||
|
"Please create a data bag named '#{USERS_DATA_BAG}' and try again."
|
||
|
end
|
||
|
end
|
||
|
|
||
|
USERS_DATA_BAG = 'tomcat_users'
|
||
|
|
||
|
class << self
|
||
|
# Returns a array of data bag items for the users in the Tomcat Users
|
||
|
# data bag. All items are validated before returning.
|
||
|
#
|
||
|
# @raise [TomcatCookbook::InvalidUserDataBagItem] if an invalid item
|
||
|
# was found in the Tomcat users data bag.
|
||
|
#
|
||
|
# @return [Array<Chef::DataBagItem>, Array<Chef::EncryptedDataBagItem>]
|
||
|
def users
|
||
|
@users ||= find_users
|
||
|
end
|
||
|
|
||
|
# Returns an array of roles assigned to the users in the Tomcat Users
|
||
|
# data bag.
|
||
|
#
|
||
|
# @raise [TomcatCookbook::InvalidUserDataBagItem] if an invalid item was
|
||
|
# found in the Tomcat users data bag.
|
||
|
#
|
||
|
# @return [Array<String>]
|
||
|
def roles
|
||
|
users.map { |item| item['roles'] }.flatten.uniq
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def find_users
|
||
|
users = if Chef::Config[:solo]
|
||
|
data_bag = Chef::DataBag.load(USERS_DATA_BAG)
|
||
|
data_bag.keys.map do |name|
|
||
|
Chef::DataBagItem.load(USERS_DATA_BAG, name)
|
||
|
end
|
||
|
else
|
||
|
begin
|
||
|
items = Chef::Search::Query.new.search(USERS_DATA_BAG)[0]
|
||
|
rescue Net::HTTPServerException => e
|
||
|
raise TomcatUserDataBagNotFound if e.message.match(/404/)
|
||
|
raise e
|
||
|
end
|
||
|
decrypt_items(items)
|
||
|
end
|
||
|
|
||
|
users.each { |user| validate_user_item(user) }
|
||
|
users
|
||
|
end
|
||
|
|
||
|
def validate_user_item(user)
|
||
|
if user['id'].empty? || user['id'].nil? &&
|
||
|
user['password'].empty? || user['password'].nil? &&
|
||
|
user['roles'].nil? || !user['roles'].is_a?(Array)
|
||
|
|
||
|
fail InvalidUserDataBagItem.new(user), 'Invalid User Databag Item'
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def decrypt_items(items)
|
||
|
items.map do |item|
|
||
|
EncryptedDataBagItem.new(item, encrypted_secret)
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def encrypted_secret
|
||
|
@encrypted_secret ||= EncryptedDataBagItem.load_secret
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|