UNPKG

masson

Version:

Module execution engine for cluster deployments.

github.com/adaltas/node-masson

adaltas/node-masson

59 lines (51 loc) 2 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# OpenLDAP ACL export default header: 'OpenLDAP Server ACL', handler: ({options}) -> After this call, the follwing command should execute with success: ```bash ldapsearch -H ldap://master3.hadoop:389 -D cn=nssproxy,ou=users,dc=adaltas,dc=com -w test ``` @call header: 'ACL for nssproxy', handler: -> @ldap.acl suffix: options.suffix acls: [ to: 'attrs=userPassword,userPKCS12' by: [ 'dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage' "dn.exact=\"cn=nssproxy,ou=users,#{options.suffix}\" read" 'self write' 'anonymous auth' '* none' ] , to: 'attrs=shadowLastChange' by: [ 'self write' 'dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage' "dn.exact=\"cn=nssproxy,ou=users,#{options.suffix}\" read" '* none' ] , to: "dn.subtree=\"#{options.suffix}\"" by: [ "dn.exact=\"cn=nssproxy,ou=users,#{options.suffix}\" read" '* none' ] ] @call header: 'ACL Insert User', handler: -> # Keeping this as an example but we dont need it here since this module # is always run next to the OpenLDAP server # host = @host_with_module 'masson/core/openldap_server' # host_ctx = @hosts[host] # require('./openldap_server').configure host_ctx # {url, root_dn, root_password, users_dn, groups_dn} = host_@config.openldap_server @ldap.user uri: options.uri binddn: options.root_dn passwd: options.root_password user: options.proxy_user @call header: 'ACL Insert Group', handler: -> @ldap.add uri: options.uri, binddn: options.root_dn passwd: options.root_password entry: options.proxy_group