Nexus REST API 将 LDAP 用户映射到现有角色
Nexus REST API to map LDAP user to existing Roles
是否有可能使用 Groovy 脚本将 LDAP 用户映射到现有的 nexus 角色?我已经创建了一个 Groovy 脚本,它将在 LDAP 中检查我的员工编号并将 nexus 角色映射到我的用户 ID。
import org.sonatype.nexus.security.role.RoleIdentifier
import org.sonatype.nexus.security.user.User
import org.sonatype.nexus.security.user.UserManager
import org.sonatype.nexus.security.role.NoSuchRoleException
import groovy.json.JsonOutput
import groovy.json.JsonSlurper
import groovy.json.JsonBuilder
import java.util.ArrayList
import java.util.HashSet
import java.util.List
import java.util.Set
def id = "NA10009"
def roles = 'dot-maven'
def json = new JsonBuilder()
def root= json id: id, roles: roles
def roles1 = json.toString()
def role = new JsonSlurper().parseText(roles1)
log.info("The Role in JSON : $roles1")
authManager = security.getSecuritySystem().getAuthorizationManager(UserManager.DEFAULT_SOURCE)
log.info("The authManager : $authManager")
roles = (role.roles == null ? new HashSet() :role.roles.toSet())
try {
User user = security.securitySystem.getUser(id, 'LDAP')
def existingRole = authManager.getRole(role.roles)
log.info("The Role : $existingRole")
if (user != null) {
List test = []
test << existingRole.roleId
log.info("The Role list : $test")
security.setUsersRoles(id, test)
log.info("Role of $roles has been added to $id")
} else {
log.warn("$id not found.")
}
} catch (Exception e) {
log.error(e.toString())
}
输出为
org.sonatype.nexus.internal.script.ScriptTask - groovy.lang.MissingMethodException: No signature of method: org.sonatype.nexus.security.internal.DefaultSecuritySystem$$EnhancerByGuice$b4f8d.setUsersRoles() is applicable for argument types: (java.lang.String, java.lang.String, java.util.ArrayList) values: [NA10009, [dot-maven]]
Possible solutions: setUsersRoles(java.lang.String, java.lang.String, java.util.Set)
我为角色创建了 json 并尝试更新 LDAP 用户。但它抛出上述错误。
要将 Nexus 角色添加到 LDAP 用户,
import org.sonatype.nexus.security.role.RoleIdentifier;
import org.sonatype.nexus.security.user.User;
import org.sonatype.nexus.security.user.UserManager;
String userId = 'NA10009';
String newRoleId = 'dot-maven'
String realm = 'LDAP'
String role_realm = 'default'
User user = security.securitySystem.getUser(userId, realm)
authManager = security.getSecuritySystem().getAuthorizationManager(UserManager.DEFAULT_SOURCE)
def existingRole = authManager.getRole(newRoleId)
if(user != null) {
RoleIdentifier newRole = new RoleIdentifier(role_realm, existingRole.roleId);
user.addRole(newRole)
security.securitySystem.setUsersRoles(user.getUserId(), realm, user.getRoles());
} else {
log.warn("No user with ID of $userId found.")
}
是否有可能使用 Groovy 脚本将 LDAP 用户映射到现有的 nexus 角色?我已经创建了一个 Groovy 脚本,它将在 LDAP 中检查我的员工编号并将 nexus 角色映射到我的用户 ID。
import org.sonatype.nexus.security.role.RoleIdentifier
import org.sonatype.nexus.security.user.User
import org.sonatype.nexus.security.user.UserManager
import org.sonatype.nexus.security.role.NoSuchRoleException
import groovy.json.JsonOutput
import groovy.json.JsonSlurper
import groovy.json.JsonBuilder
import java.util.ArrayList
import java.util.HashSet
import java.util.List
import java.util.Set
def id = "NA10009"
def roles = 'dot-maven'
def json = new JsonBuilder()
def root= json id: id, roles: roles
def roles1 = json.toString()
def role = new JsonSlurper().parseText(roles1)
log.info("The Role in JSON : $roles1")
authManager = security.getSecuritySystem().getAuthorizationManager(UserManager.DEFAULT_SOURCE)
log.info("The authManager : $authManager")
roles = (role.roles == null ? new HashSet() :role.roles.toSet())
try {
User user = security.securitySystem.getUser(id, 'LDAP')
def existingRole = authManager.getRole(role.roles)
log.info("The Role : $existingRole")
if (user != null) {
List test = []
test << existingRole.roleId
log.info("The Role list : $test")
security.setUsersRoles(id, test)
log.info("Role of $roles has been added to $id")
} else {
log.warn("$id not found.")
}
} catch (Exception e) {
log.error(e.toString())
}
输出为
org.sonatype.nexus.internal.script.ScriptTask - groovy.lang.MissingMethodException: No signature of method: org.sonatype.nexus.security.internal.DefaultSecuritySystem$$EnhancerByGuice$b4f8d.setUsersRoles() is applicable for argument types: (java.lang.String, java.lang.String, java.util.ArrayList) values: [NA10009, [dot-maven]]
Possible solutions: setUsersRoles(java.lang.String, java.lang.String, java.util.Set)
我为角色创建了 json 并尝试更新 LDAP 用户。但它抛出上述错误。
要将 Nexus 角色添加到 LDAP 用户,
import org.sonatype.nexus.security.role.RoleIdentifier;
import org.sonatype.nexus.security.user.User;
import org.sonatype.nexus.security.user.UserManager;
String userId = 'NA10009';
String newRoleId = 'dot-maven'
String realm = 'LDAP'
String role_realm = 'default'
User user = security.securitySystem.getUser(userId, realm)
authManager = security.getSecuritySystem().getAuthorizationManager(UserManager.DEFAULT_SOURCE)
def existingRole = authManager.getRole(newRoleId)
if(user != null) {
RoleIdentifier newRole = new RoleIdentifier(role_realm, existingRole.roleId);
user.addRole(newRole)
security.securitySystem.setUsersRoles(user.getUserId(), realm, user.getRoles());
} else {
log.warn("No user with ID of $userId found.")
}