diff options
author | snehaldwivedi <sdwivedi@msystechnologies.com> | 2020-07-31 04:37:07 -0700 |
---|---|---|
committer | snehaldwivedi <sdwivedi@msystechnologies.com> | 2021-02-16 02:45:12 -0800 |
commit | f9f3fe38013846ffc8a7bb080363c27e02837307 (patch) | |
tree | 0562ea254790ac9e8c50f5375e69602c3d9580ec /lib/chef/group.rb | |
parent | 1f655be8219c9e20dffd68adc2ff97c29e2c29b3 (diff) | |
download | chef-f9f3fe38013846ffc8a7bb080363c27e02837307.tar.gz |
Updated reviewed changes
Signed-off-by: snehaldwivedi <sdwivedi@msystechnologies.com>
Diffstat (limited to 'lib/chef/group.rb')
-rw-r--r-- | lib/chef/group.rb | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/lib/chef/group.rb b/lib/chef/group.rb new file mode 100644 index 0000000000..d1b4f1ac01 --- /dev/null +++ b/lib/chef/group.rb @@ -0,0 +1,75 @@ +# +# Copyright:: Copyright 2011-2016 Chef Software, Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require_relative "org" + +class Chef + class Group + + def group(groupname) + @group ||= {} + @group[groupname] ||= chef_rest.get_rest "organizations/#{name}/groups/#{groupname}" + end + + def user_member_of_group?(username, groupname) + group = group(groupname) + group["actors"].include? username + end + + def add_user_to_group(groupname, username) + group = group(groupname) + body_hash = { + groupname: "#{groupname}", + actors: { + "users" => group["actors"].concat([username]), + "groups" => group["groups"], + }, + } + chef_rest.put_rest "organizations/#{name}/groups/#{groupname}", body_hash + end + + def remove_user_from_group(groupname, username) + group = group(groupname) + group["actors"].delete(username) + body_hash = { + groupname: "#{groupname}", + actors: { + "users" => group["actors"], + "groups" => group["groups"], + }, + } + chef_rest.put_rest "organizations/#{name}/groups/#{groupname}", body_hash + end + + def actor_delete_would_leave_admins_empty? + admins = group("admins") + if admins["groups"].empty? + # exclude 'pivotal' but don't mutate the group since we're caching it + if admins["actors"].include? "pivotal" + admins["actors"].length <= 2 + else + admins["actors"].length <= 1 + end + else + # We don't check recursively. If the admins group contains a group, + # and the user is the only member of that group, + # we'll still turn up a 'safe to delete'. + false + end + end + end +end |