我正在尝试自动删除Jenkins用户。我试过的Groovy脚本如下所示。
import hudson.model.User
User u = User.get('rh54')
u.delete()
当用户进行LDAP集成时,提到的groovy脚本不会被删除。此外,正在使用的安全领域是基于角色的战略。
请建议
答案 0 :(得分:1)
下面的groovy脚本应该创建一个RoleBasedAuthorizationStrategy的新实例,不包括所有角色的给定用户。
请注意,我没有彻底测试过,请确保在测试此脚本之前备份Jenkins实例。
import hudson.model.*
import com.michelin.cio.hudson.plugins.rolestrategy.*
String removeRolesFromUser="test"
def roleBasedAuthorizationStrategy = Jenkins.getInstance().getAuthorizationStrategy()
if(roleBasedAuthorizationStrategy instanceof RoleBasedAuthorizationStrategy){
boolean changed=false
Map<String, RoleMap> roleMaps = roleBasedAuthorizationStrategy.getRoleMaps()
RoleBasedAuthorizationStrategy updatedRoleBasedAuthorizationStrategy = new RoleBasedAuthorizationStrategy()
for(Map.Entry<String, RoleMap> roleMapEntry : roleMaps.entrySet()){
Set<Role> roleSet = roleMapEntry.getValue().getRoles()
for(Role role : roleSet){
updatedRoleBasedAuthorizationStrategy.addRole(roleMapEntry.getKey(),role);
for(String addUserAgain : roleMapEntry.getValue().getSidsForRole(role.getName())){
if(!addUserAgain.equals(removeRolesFromUser)){
updatedRoleBasedAuthorizationStrategy.assignRole(roleMapEntry.getKey(),role,addUserAgain)
}else{
println("User : " + removeRolesFromUser + " excluded from role : " + role.getName())
changed=true
}
}
}
}
if(changed){
Jenkins.getInstance().setAuthorizationStrategy(updatedRoleBasedAuthorizationStrategy)
println("INFO: Authorization strategy updated, user " + removeRolesFromUser + " removed from all roles.")
Jenkins.getInstance().save();
println("INFO: Authorization strategy saved to disk.")
}else{
println("INFO: No changes made to Authorization strategy since user : " + removeRolesFromUser + " does not belong to any role!")
}
}else{
println("ERROR : This script works only for RoleBasedAuthorizationStrategy!")
}