fruworg/pgls
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add YAML schema validation through kwalify

Browse Source
This commit is contained in:
Lars Kanis 2011-05-23 15:39:42 +02:00
parent 2e2daf173f
commit 5800f7cbc4
1 changed files with 31 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
lib/pg_ldap_sync/application.rb
View File

@ -6,6 +6,7 @@ require 'optparse'
require 'yaml' require 'yaml'
require 'logger' require 'logger'
require 'pg' require 'pg'
require 'kwalify'
require 'pg_ldap_sync' require 'pg_ldap_sync'
@ -27,6 +28,29 @@ class Application
end end
end end
def validate_config(config, schema, fname)
schema = YAML.load_file(schema)
validator = Kwalify::Validator.new(schema)
errors = validator.validate(config)
if errors && !errors.empty?
errors.each do |err|
log.fatal "error in #{fname}: [#{err.path}] #{err.message}"
end
exit -1
end
end
def read_config_file(fname)
raise "Config file #{fname.inspect} does not exist" unless File.exist?(fname)
config = YAML.load(File.read(fname))
schema_fname = File.join(File.dirname(__FILE__), '../../config/schema.yaml')
validate_config(config, schema_fname, fname)
@config = string_to_symbol(config)
end
LdapRole = Struct.new :name, :dn, :member_dns LdapRole = Struct.new :name, :dn, :member_dns
def search_ldap_users def search_ldap_users
@ -263,23 +287,28 @@ class Application
end end
def start! def start!
raise "Config file #{@config_fname.inspect} does not exist" unless File.exist?(@config_fname) read_config_file(@config_fname)
@config = string_to_symbol(YAML.load(File.read(@config_fname)))
# gather LDAP users and groups
@ldap = Net::LDAP.new @config[:ldap_connection] @ldap = Net::LDAP.new @config[:ldap_connection]
ldap_users = uniq_names search_ldap_users ldap_users = uniq_names search_ldap_users
ldap_groups = uniq_names search_ldap_groups ldap_groups = uniq_names search_ldap_groups
# gather PGs users and groups
@pgconn = PGconn.connect @config[:pg_connection] @pgconn = PGconn.connect @config[:pg_connection]
pg_users = uniq_names search_pg_users pg_users = uniq_names search_pg_users
pg_groups = uniq_names search_pg_groups pg_groups = uniq_names search_pg_groups
# compare LDAP to PG users and groups
mroles = match_roles(ldap_users, pg_users, :user) mroles = match_roles(ldap_users, pg_users, :user)
mroles += match_roles(ldap_groups, pg_groups, :group) mroles += match_roles(ldap_groups, pg_groups, :group)
# compare LDAP to PG memberships
mmemberships = match_memberships(ldap_users+ldap_groups, pg_users+pg_groups) mmemberships = match_memberships(ldap_users+ldap_groups, pg_users+pg_groups)
# apply changes on roles
sync_roles_to_pg(mroles) sync_roles_to_pg(mroles)
# apply changes on memberships
sync_membership_to_pg(mmemberships) sync_membership_to_pg(mmemberships)
end end