/usr/lib/ruby/vendor_ruby/chef/resource/chef_user.rb is in ruby-cheffish 4.0.0-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | require 'cheffish'
require 'cheffish/chef_actor_base'
class Chef
class Resource
class ChefUser < Cheffish::ChefActorBase
resource_name :chef_user
# Client attributes
property :name, Cheffish::NAME_REGEX, name_property: true
property :display_name, String
property :admin, Boolean
property :email, String
property :external_authentication_uid
property :recovery_authentication_enabled, Boolean
property :password, String # Hmm. There is no way to idempotentize this.
#property :salt # TODO server doesn't support sending or receiving these, but it's the only way to backup / restore a user
#property :hashed_password
#property :hash_type
# Input key
property :source_key # String or OpenSSL::PKey::*
property :source_key_path, String
property :source_key_pass_phrase
# Output public key (if so desired)
property :output_key_path, String
property :output_key_format, [ :pem, :der, :openssh ], default: :openssh
# Proc that runs just before the resource executes. Called with (resource)
def before(&block)
block ? @before = block : @before
end
# Proc that runs after the resource completes. Called with (resource, json, private_key, public_key)
def after(&block)
block ? @after = block : @after
end
action :create do
create_actor
end
action :delete do
delete_actor
end
action_class.class_eval do
#
# Helpers
#
# Gives us new_json, current_json, not_found_json, etc.
def actor_type
'user'
end
def actor_path
"#{rest.root_url}/users"
end
def resource_class
Chef::Resource::ChefUser
end
def data_handler
Chef::ChefFS::DataHandler::UserDataHandler.new
end
def keys
{
'name' => :name,
'username' => :name,
'display_name' => :display_name,
'admin' => :admin,
'email' => :email,
'password' => :password,
'external_authentication_uid' => :external_authentication_uid,
'recovery_authentication_enabled' => :recovery_authentication_enabled,
'public_key' => :source_key
}
end
end
end
end
end
|