acl.sh
#!/bin/bash
# Seeds MongoDB through mongosh: makes sure an 'admin' role exists, creates an
# admin user when none has that role, and grants the role full access to every
# module listed in src/applications/acl.module.conf.json.

# Written into the 'email' field of the seeded admin user.
# NOTE(review): the value shown is the hosting page's e-mail obfuscation
# placeholder, not a usable address.
ADMIN_EMAIL="[email protected]"
# Empty, and not referenced by any function in this listing.
ADMIN_PASSWORD=""
# HOST and PORT are not referenced in this listing; every mongosh call below
# uses a hard-coded mongodb+srv:// URI instead.
HOST="localhost"
PORT=27017
# Database selected with db.getSiblingDB() in every mongosh call.
DB="devel"
# get_modules resolves the module config relative to this path, so the script
# has to be started from the project's main directory.
CURRENT_DIRECTORY="$(pwd)" # It has to be on main directory
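#######################################
# Make sure a role document with roleName 'admin' exists in ${DB}.roles,
# inserting one when the count query reports none.
# Globals:   DB (read)
# Outputs:   progress messages on stdout, failures on stderr
# Returns:   0 when the role exists or was inserted; exits 1 otherwise
#######################################
function check_admin_role {
  # NOTE(review): `<>` is how this listing redacts the mongosh credentials.
  # bash parses `<> word` as a redirection, so the real values must be filled
  # in before this runs. Take them from the environment or a file readable
  # only by the operator instead of hard-coding them, and keep in mind that
  # values passed as arguments can show up in the host's process list.
  local result create

  result=$(mongosh "mongodb+srv://cluster0.5srlc.mongodb.net" --username <> --password <> --quiet --eval "
db=db.getSiblingDB('${DB}');
db.roles.find({'roleName': 'admin'}).count();")

  # A failed connection or login leaves something other than a bare count
  # here. Stop instead of treating "no answer" as "no admin role" and going
  # on to insert.
  if ! [[ "$result" =~ ^[0-9]+$ ]]; then
    echo "Could not read the admin role count from MongoDB" >&2
    exit 1
  fi

  if [ "$result" -gt 0 ]; then
    echo "Admin role found"
    return 0
  fi

  echo "Admin role not found"
  # NOTE(review): insert()/.nInserted is the legacy shell's WriteResult API;
  # confirm that the mongosh version in use still returns nInserted here.
  create=$(mongosh "mongodb+srv://cluster0.5srlc.mongodb.net" --username <> --password <> --quiet --eval "
db=db.getSiblingDB('${DB}');
db.roles.insert({'roleName': 'admin', 'isActive': true}).nInserted;")

  if [[ "$create" =~ ^[0-9]+$ ]] && [ "$create" -eq 1 ]; then
    echo "Admin role is added"
  else
    echo "Admin role could not added"
    exit 1
  fi
}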
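#######################################
# Insert an 'Admin' user bound to the admin role when no user in ${DB}.users
# carries that role yet.
# Globals:   DB (read), ADMIN_EMAIL (read)
# Outputs:   "Admin user created" on stdout when a document was inserted
# Returns:   0
#######################################
function add_admin_user {
  # NOTE(review): `<>` is this listing's redaction of the mongosh credentials
  # and of the stored 'password' value. ADMIN_PASSWORD is not used here.
  # Presumably the application expects its own password hash in that field;
  # confirm, and never seed a plaintext password.
  # The script relies on findOne() returning a role document: with no admin
  # role present, `._id` is read from null and the eval fails.
  local result

  result=$(mongosh "mongodb+srv://cluster0.5srlc.mongodb.net" --username <> --password <> --quiet --eval "
db=db.getSiblingDB('${DB}');
role_id=db.roles.findOne({'roleName': 'admin'})._id;
check_admin=db.users.find({'roleId': role_id}).count();
if (check_admin == 0){
db.users.insert({'name_surname': 'Admin', 'email': '${ADMIN_EMAIL}', 'password': '<>', 'roleId': role_id}).nInserted;
};
")

  # When an admin already exists the eval prints nothing, so only compare
  # numerically once the output is known to be a number.
  if [[ "$result" =~ ^[0-9]+$ ]] && [ "$result" -eq 1 ]; then
    echo "Admin user created"
  fi
  return 0
}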
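#######################################
# Print the values of the top-level JSON object in a file as a Python list
# literal, e.g. ['users', 'roles'].
# Arguments: $1 - path to a JSON file holding an object with string values
# Outputs:   the list literal on stdout
# Returns:   1 when no Python interpreter is available, else Python's status
#######################################
function json_escape {
  local py

  # The original one-liner only ran on Python 2: json.load() no longer takes
  # encoding= on current Python 3, and .encode() there yields b'...' items.
  if command -v python > /dev/null 2>&1; then
    py=python
  elif command -v python3 > /dev/null 2>&1; then
    py=python3
  else
    echo "json_escape: no python interpreter found" >&2
    return 1
  fi

  # Encode to byte strings only on Python 2, where the list would otherwise
  # print as [u'...']; Python 3 already prints plain quoted strings.
  PYTHONIOENCODING=utf-8 "$py" -c 'import json,sys; vals = list(json.load(sys.stdin).values()); print([v.encode("utf8") for v in vals] if sys.version_info[0] < 3 else vals);' < "$1"
}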
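#######################################
# Give the admin role GET/POST/PUT/DELETE permission on one module in
# ${DB}.acl, creating the module's ACL document when it does not exist.
# Globals:   DB (read)
# Arguments: $1 - module name, already wrapped in quotes (it is pasted into
#                 the JavaScript as a literal)
# Outputs:   a progress line on stdout, failures on stderr
# Returns:   0 on success, 1 on a missing argument or a mongosh failure
#######################################
function add_role_to_acl {
  # An empty argument would produce {'moduleName': } and a broken eval.
  if [[ -z "${1:-}" ]]; then
    echo "add_role_to_acl: missing module name" >&2
    return 1
  fi

  echo "adding to access admin role for $1 module"

  # NOTE(review): $1 is spliced into the evaluated JavaScript unescaped. The
  # module config file therefore has the same trust level as this script;
  # keep it under the same review and write protection.
  # NOTE(review): `<>` is this listing's redaction of the mongosh credentials.
  # The unused admin_id lookup was dropped: it read `_id` from a cursor and
  # was never referenced.
  local result
  if ! result=$(mongosh "mongodb+srv://cluster0.5srlc.mongodb.net" --username <> --password <> --quiet --eval "
db=db.getSiblingDB('${DB}');
role_id=db.roles.findOne({'roleName': 'admin'})._id;
acl_check=db.acl.find({'moduleName': $1})
acl_check_with_role=db.acl.find({'moduleName': $1, 'aclSchema.roleId': role_id})
if(!acl_check.count()){
db.acl.insert({'moduleName': $1, 'aclSchema': [{'permission': {
'GET': true,
'POST': true,
'PUT': true,
'DELETE': true
}, 'roleId': role_id}]
});
} else if(!acl_check_with_role.count()){
db.acl.updateOne({'moduleName': $1},{\$push: {'aclSchema': {
'permission': {
'GET': true,
'POST': true,
'PUT': true,
'DELETE': true
}, 'roleId': role_id
}}})
}
"); then
    echo "add_role_to_acl: mongosh failed for $1 module" >&2
    return 1
  fi
}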
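#######################################
# Read the module names from the ACL module config and grant the admin role
# access to each of them.
# Globals:   CURRENT_DIRECTORY (read)
# Outputs:   whatever add_role_to_acl prints; failures on stderr
# Returns:   1 when the config file is unreadable, else the status of the
#            last add_role_to_acl call (0 when there are no modules)
#######################################
function get_modules {
  local conf="$CURRENT_DIRECTORY/src/applications/acl.module.conf.json"
  local -a modules=()
  local module

  if [[ ! -r "$conf" ]]; then
    echo "get_modules: cannot read $conf" >&2
    return 1
  fi

  # json_escape prints a Python list literal; stripping [ ] , leaves the
  # quoted names separated by blanks. The quotes stay on each name because
  # add_role_to_acl pastes it into JavaScript as a string literal.
  # Splitting with read avoids the pathname expansion that an unquoted
  # $(...) inside an array assignment would apply to each word.
  # read -d '' reports non-zero at end of input even though the array is set.
  IFS=$' \t\n' read -r -d '' -a modules < <(json_escape "$conf" | tr -d '[],') || true

  for module in "${modules[@]}"; do
    add_role_to_acl "$module"
  done
}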
# Entry point: seed the role first, then the user that references it, then
# the per-module ACL entries that reference the role.
main() {
  check_admin_role
  add_admin_user
  get_modules
}

main "$@"