X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fsample%2Fcass_data%2Fscrub.sh;h=2bf12d14e12c177637434077f9e8a2ced4c6277f;hb=7a1817bf3cf3c40c6c33f673ddc46c3f115cc3bc;hp=016b58a7d08cf539eaab937d5f7698ffdd11882a;hpb=28f5a4724ea39a63394654709f6e7e308a70f732;p=aaf%2Fauthz.git diff --git a/auth/sample/cass_data/scrub.sh b/auth/sample/cass_data/scrub.sh index 016b58a7..2bf12d14 100644 --- a/auth/sample/cass_data/scrub.sh +++ b/auth/sample/cass_data/scrub.sh @@ -1,20 +1,112 @@ -> user_role.dat -for ID in $(grep -v "#" ../data/sample.identities.dat | awk -F\| '{print $1}' | grep -v "^$"); do - grep "$ID@" dats/user_role.dat >> user_role.dat -done +#!/bin/bash +######### +# ============LICENSE_START==================================================== +# org.onap.aaf +# =========================================================================== +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# =========================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END==================================================== +# +# +# Copies of Repo data need to be added to "dats" dir for loading by push.sh +# +# Further, repo data has dates that are out of date and may have IDs not valid. We need to make +# sure the important data is consistent with Identities. +# +# This is expected to be run from a controlling Machine data "authz/auth/sample/cass_data" when a backup +# is created that is intended to be "Bootstrap Data" +# +# Date resets on key data load on the system at load time +# -for D in ns ns_attrib perm role config; do - cp dats/$D.dat . -done +DIR=$(pwd) +ID_FILE=../data/sample.identities.dat -echo "Roles in TEST data not in sample.identities.dat (../data)" -UR="$(mktemp)" -DUR="$(mktemp)" +if [ -e $ID_FILE ]; then + if [ "$(uname -s)" = "Darwin" ]; then + DATE=$(date -v "+6m" "+%Y-%m-%d %H:%M:%S.000+0000") + else + DATE=$(date "+%Y-%m-%d %H:%M:%S.000+0000" -d "+6 months") + fi + echo $DATE -cat user_role.dat | awk -F\| '{print $1}' | sort -u > $UR -cat dats/user_role.dat | awk -F\| '{print $1}' | sort -u > $DUR + #### CRED + # Enter for People + CRED="cred.dat" + rm cred.dat + echo "Create default Passwords for all Identities in $CRED" + for ID in $(grep '|a|' $ID_FILE | sed -e "s/|.*//"); do + if [ "$ID" = "aaf" ]; then + DOMAIN="aaf.osaaf.org"; + else + DOMAIN="$ID.onap.org"; + fi + unset FIRST + for D in ${DOMAIN//./ }; do + if [ -z "$FIRST" ]; then + NS="$D" + FIRST="N" + else + NS="$D.$NS" + fi + done + echo "$ID@$DOMAIN|2|${DATE}|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|$NS|53344|" >> $CRED + done + + for ID in $(grep '|e|' $ID_FILE | sed -e "s/|.*//"); do + echo "$ID@people.osaaf.org|2|${DATE}|0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95|Initial ID|org.osaaf.people|53344|" >> $CRED + done + + ##### USER_ROLE + echo "Scrubbing user_roles not in $ID_FILE" + + ## Covering for when scrubbing in cass_init versus a Backup + if [ -d "dats" ]; then + for D in ns ns_attrib perm role config artifact; do + if [ -e "dats/$D.dat" ]; then + cp dats/$D.dat . + fi + done + else + mkdir -p dats + cp user_role.dat dats + REMOVE_DATS=true + fi + > user_role.dat + for ID in $(grep -v "#" $ID_FILE | awk -F\| '{print $1}' | grep -v "^$"); do + grep "$ID@" dats/user_role.dat >> user_role.dat + done + + UR="$(mktemp)" + DUR="$(mktemp)" + + cat user_role.dat | awk -F\| '{print $1}' | sort -u > $UR + cat dats/user_role.dat | awk -F\| '{print $1}' | sort -u > $DUR + + echo "Removed IDs from user_roles" + diff $UR $DUR | grep "^>" | sort -u + + rm "$UR" "$DUR" + + mv user_role.dat tmp + sed "s/\(^.*|\)\(.*|\)\(.*|\)\(.*\)/\1${DATE}|\3\4/" tmp > user_role.dat + rm tmp + if [ -n "$REMOVE_DATS" ]; then + rm -Rf dats + fi +else + echo $0 requires access to $ID_FILE +fi -echo "Removed IDs from user_roles" -diff $UR $DUR | grep "^>" | sort -u -rm "$UR" "$DUR"