Nexus REST API可将LDAP用户映射到现有角色

时间:2018-12-05 15:09:01

标签: java groovy sonatype nexus3

是否有可能使用Groovy脚本将LDAP用户映射到现有的关系角色?我创建了一个Groovy脚本,该脚本将检查LDAP中的员工编号,并将关系角色映射到我的用户ID。

import org.sonatype.nexus.security.role.RoleIdentifier
import org.sonatype.nexus.security.user.User
import org.sonatype.nexus.security.user.UserManager
import org.sonatype.nexus.security.role.NoSuchRoleException
import groovy.json.JsonOutput 
import groovy.json.JsonSlurper 
import groovy.json.JsonBuilder
import java.util.ArrayList
import java.util.HashSet
import java.util.List
import java.util.Set


def id = "NA10009"
def roles = 'dot-maven'
def json = new JsonBuilder()
def root= json id: id, roles: roles 
def roles1 = json.toString()
def role = new JsonSlurper().parseText(roles1)
 log.info("The Role in JSON  : $roles1")

authManager = security.getSecuritySystem().getAuthorizationManager(UserManager.DEFAULT_SOURCE)
 log.info("The authManager  : $authManager")
roles = (role.roles == null ? new HashSet() :role.roles.toSet())
try {
    User user = security.securitySystem.getUser(id, 'LDAP') 
    def existingRole = authManager.getRole(role.roles)
    log.info("The Role  : $existingRole")

    if (user != null) {
        List test = []
        test << existingRole.roleId
         log.info("The Role list  : $test")
        security.setUsersRoles(id,  test)
        log.info("Role of $roles  has been added to $id")
    } else {
        log.warn("$id not found.")
    }

} catch (Exception e) {
    log.error(e.toString())
}

输出为

    org.sonatype.nexus.internal.script.ScriptTask - groovy.lang.MissingMethodException: No signature of method: org.sonatype.nexus.security.internal.DefaultSecuritySystem$$EnhancerByGuice$$20b4f8d.setUsersRoles() is applicable for argument types: (java.lang.String, java.lang.String, java.util.ArrayList) values: [NA10009, [dot-maven]]
Possible solutions: setUsersRoles(java.lang.String, java.lang.String, java.util.Set)

我为角色创建了一个json并尝试更新LDAP用户。但这会引发上述错误。

1 个答案:

答案 0 :(得分:1)

要将Nexus角色添加到LDAP用户,

import org.sonatype.nexus.security.role.RoleIdentifier;
import org.sonatype.nexus.security.user.User;
import org.sonatype.nexus.security.user.UserManager;

String userId = 'NA10009';
String newRoleId = 'dot-maven'
String realm = 'LDAP'
String role_realm = 'default'

User user = security.securitySystem.getUser(userId, realm)
authManager = security.getSecuritySystem().getAuthorizationManager(UserManager.DEFAULT_SOURCE)
def existingRole = authManager.getRole(newRoleId)
if(user != null) {
    RoleIdentifier newRole = new RoleIdentifier(role_realm, existingRole.roleId);
    user.addRole(newRole)
    security.securitySystem.setUsersRoles(user.getUserId(), realm, user.getRoles());
} else {
    log.warn("No user with ID of $userId found.")
}
相关问题
最新问题