#
# Author:: Steven Danna (<steve@chef.io>)
# Author:: Tyler Cloke (<tyler@chef.io>)
# Copyright:: Copyright 2012-2016, Chef Software, Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require "chef/knife"
require "chef/knife/osc_user_create"
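class Chef
  class Knife
    # Implements `knife user create`.
    #
    # With exactly one positional argument the command assumes an Open Source
    # Chef 11 server, prints a deprecation warning and forwards the request to
    # `knife osc_user create`. Otherwise it builds a Chef::UserV1 from the six
    # positional arguments, lets the operator review it via edit_hash, creates
    # it, and writes or prints the private key if the created user carries one.
    #
    # NOTE(review): the password is read from the command line (the sixth
    # positional argument, and the deprecated -p option). Values passed this
    # way typically end up in shell history and are visible in process
    # listings while the command runs. Taking it from a prompt or stdin would
    # avoid that, but would change the CLI contract, so it is only flagged here.
    class UserCreate < Knife

      attr_accessor :user_field

      deps do
        require "chef/user_v1"
        require "chef/json_compat"
      end

      option :file,
        :short => "-f FILE",
        :long => "--file FILE",
        :description => "Write the private key to a file if the server generated one."

      option :user_key,
        :long => "--user-key FILENAME",
        :description => "Set the initial default key for the user from a file on disk (cannot pass with --prevent-keygen)."

      option :prevent_keygen,
        :short => "-k",
        :long => "--prevent-keygen",
        :description => "API V1 (Chef Server 12.1+) only. Prevent server from generating a default key pair for you. Cannot be passed with --user-key.",
        :boolean => true

      option :admin,
        :short => "-a",
        :long => "--admin",
        :description => "DEPRECATED: Open Source Chef 11 only. Create the user as an admin.",
        :boolean => true

      option :user_password,
        :short => "-p PASSWORD",
        :long => "--password PASSWORD",
        :description => "DEPRECATED: Open Source Chef 11 only. Password for newly created user.",
        :default => ""

      banner "knife user create USERNAME DISPLAY_NAME FIRST_NAME LAST_NAME EMAIL PASSWORD (options)"

      # Returns the user object being built, creating an empty Chef::UserV1 on
      # first use and memoizing it in @user_field.
      def user
        @user_field ||= Chef::UserV1.new
      end

      # Builds a Chef::UserV1 from +hash+ and calls #create on it, returning
      # whatever #create returns.
      def create_user_from_hash(hash)
        Chef::UserV1.from_hash(hash).create
      end

      # Deprecation text shown when the command falls back to the Open Source
      # Chef 11 code path. The heredoc body stays flush left because `<<-`
      # keeps leading whitespace; indenting it would change the emitted text.
      def osc_11_warning
        <<-EOF
IF YOU ARE USING CHEF SERVER 12+, PLEASE FOLLOW THE INSTRUCTIONS UNDER knife user create --help.
You only passed a single argument to knife user create.
For backwards compatibility, when only a single argument is passed,
knife user create assumes you want Open Source 11 Server user creation.
knife user create for Open Source 11 Server is being deprecated.
Open Source 11 Server user commands now live under the knife osc_user namespace.
For backwards compatibility, we will forward this request to knife osc_user create.
If you are using an Open Source 11 Server, please use that command to avoid this warning.
NOTE: Backwards compatibility for Open Source 11 Server in these commands will be removed
in Chef 15 which will be released April 2019.
        EOF
      end

      # Re-dispatches the current command line to `knife osc_user create`.
      def run_osc_11_user_create
        # Drop only the first "user" token (presumably the subcommand word).
        # Array#delete removes every matching element, which would also strip
        # a username that is literally "user" from the forwarded arguments.
        subcommand_index = ARGV.index("user")
        ARGV.delete_at(subcommand_index) if subcommand_index
        ARGV.unshift("osc_user")
        Chef::Knife.run(ARGV, Chef::Application::Knife.options)
      end

      # Entry point invoked by knife.
      def run
        # DEPRECATION NOTE
        # Remove this if statement and corresponding code post OSC 11 support.
        #
        # If only 1 arg is passed, assume OSC 11 case.
        if @name_args.length == 1
          ui.warn(osc_11_warning)
          run_osc_11_user_create
        else # EC / CS 12 user create
          # Positional arguments in banner order: label used in the error
          # message, and the Chef::UserV1 setter that receives the value.
          # Each field is checked and then assigned before the next is checked.
          mandatory_fields = [
            ["username", :username],
            ["display name", :display_name],
            ["first name", :first_name],
            ["last name", :last_name],
            ["email", :email],
            ["password", :password],
          ]
          mandatory_fields.each_with_index do |(label, setter), position|
            test_mandatory_field(@name_args[position], label)
            user.public_send(setter, @name_args[position])
          end

          # Supplying a key and asking for no key are contradictory requests.
          if config[:user_key] && config[:prevent_keygen]
            show_usage
            ui.fatal("You cannot pass --user-key and --prevent-keygen")
            exit 1
          end

          # Neither option given: ask the server to generate the default key.
          if !config[:prevent_keygen] && !config[:user_key]
            user.create_key(true)
          end

          if config[:user_key]
            user.public_key File.read(File.expand_path(config[:user_key]))
          end

          output = edit_hash(user)
          final_user = create_user_from_hash(output)

          ui.info("Created #{user}")
          if final_user.private_key
            if config[:file]
              # Create the key file readable and writable by its owner only,
              # instead of inheriting the umask default (commonly
              # world-readable). The mode applies only when the file is
              # created; a pre-existing file keeps its current permissions.
              File.open(config[:file], File::WRONLY | File::CREAT | File::TRUNC, 0600) do |f|
                f.print(final_user.private_key)
              end
            else
              # No --file given: the private key is written to the terminal.
              ui.msg final_user.private_key
            end
          end
        end
      end
    end
  end
end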