From 2b16a314f1c20c3936cbdd3366b7b0b9357b8f3f Mon Sep 17 00:00:00 2001
From: David Kaufmann <david.kaufmann@student.tuwien.ac.at>
Date: Sun, 20 Jan 2019 05:21:06 +0100
Subject: [PATCH] properly create admin users

---
 camunda-overlay/camunda.py | 125 +++++++++++++++++++++++++++++++++++++
 1 file changed, 125 insertions(+)

diff --git a/camunda-overlay/camunda.py b/camunda-overlay/camunda.py
index 74eb8a7..ad437a4 100755
--- a/camunda-overlay/camunda.py
+++ b/camunda-overlay/camunda.py
@@ -38,6 +38,10 @@ def get_users():
     res = requests.get(CAMUNDA + "user")
     return res.json()
 
+def get_groups():
+    res = requests.get(CAMUNDA + "group")
+    return res.json()
+
 def cleanup_users(keep = ["demo"]):
     for user in get_users():
         # keep user "demo"
@@ -54,6 +58,125 @@ def cleanup_users(keep = ["demo"]):
             except:
                 pprint(res.content)
 
+def cleanup_groups():
+    for group in get_groups():
+        res = requests.delete(CAMUNDA + "group/" + group['id'])
+        if (res.status_code == 204):
+            print ("Cleaned up group {}".format(group['id']))
+        else:
+            print ("Error cleaning group {}: Code: {}".format(group['id'], res.status_code))
+            try:
+                pprint(res.json())
+            except:
+                pprint(res.content)
+
+def get_authorizations():
+    res = requests.get(CAMUNDA + "authorization")
+    return res.json()
+
+def create_admin_user():
+    # create user
+    params = {
+            "profile": {
+                "id": "admin",
+                "firstName": "Admin",
+                "lastName": "User",
+                "email": "aic@dsg.tuwien.ac.at"
+                },
+            "credentials": {
+                "password": "admin"
+                }
+            }
+    res = requests.post(CAMUNDA + "user/create", json=params)
+    if (res.status_code == 204):
+        print ("Created user admin")
+    else:
+        print ("Error creating user admin: Code: {}".format(res.status_code))
+        try:
+            pprint(res.json())
+        except:
+            pprint(res.content)
+
+
+    # clean all authorizations
+    for auth in get_authorizations():
+        res = requests.delete(CAMUNDA + "authorization/" + auth['id'])
+        if (res.status_code == 204):
+            print ("Cleaned up authorization {}".format(auth['id']))
+        else:
+            print ("Error cleaning authorization {}: Code: {}".format(auth['id'], res.status_code))
+            try:
+                pprint(res.json())
+            except:
+                pprint(res.content)
+
+
+    # set all permissions for modifying users
+    params = {
+            "type": 1,
+            "permissions": ["ALL"],
+            "userId": "admin",
+            "groupId": None,
+            "resourceType": 1,
+            "resourceId": "admin"
+            }
+    res = requests.post(CAMUNDA + "authorization/create", json=params)
+    if (res.status_code == 200):
+        print ("Set users permissions for admin users")
+    else:
+        print ("Error setting users permissions for admin user: Code: {}".format(res.status_code))
+        try:
+            pprint(res.json())
+        except:
+            pprint(res.content)
+
+    # create admin group
+    params = {
+            "id": "camunda-admin",
+            "name": "camunda BPM Administrators",
+            "type": "SYSTEM"
+            }
+    res = requests.post(CAMUNDA + "group/create", json=params)
+    if (res.status_code == 204):
+        print ("Created user admin")
+    else:
+        print ("Error creating group camunda-admin: Code: {}".format(res.status_code))
+        try:
+            pprint(res.json())
+        except:
+            pprint(res.content)
+
+    # add admin user to camunda-admin
+    res = requests.put(CAMUNDA + "group/camunda-admin/members/admin")
+    if (res.status_code == 204):
+        print ("Added admin to camunda-admin")
+    else:
+        print ("Error adding user admin to group camunda-admin: Code: {}".format(res.status_code))
+        try:
+            pprint(res.json())
+        except:
+            pprint(res.content)
+
+    # set all permissions for admin group
+    for resourceType in range(0, 16):
+        params = {
+                "type": 1,
+                "permissions": ["ALL"],
+                "userId": None,
+                "groupId": "camunda-admin",
+                "resourceType": resourceType,
+                "resourceId": "*"
+                }
+        res = requests.post(CAMUNDA + "authorization/create", json=params)
+        if (res.status_code == 200):
+            print ("Set group permissions for id {}".format(resourceType))
+        else:
+            print ("Error setting application permissions for admin user: Code: {}".format(res.status_code))
+            try:
+                pprint(res.json())
+            except:
+                pprint(res.content)
+
 def get_filters():
     res = requests.get(CAMUNDA + "filter")
     return res.json()
@@ -149,7 +272,9 @@ if __name__ == "__main__":
         create_deployment(cleanup=args.cleanup)
         if args.cleanup:
             cleanup_users()
+            cleanup_groups()
             cleanup_filters()
+            create_admin_user()
 
     if args.autoclick >= 1:
         # start clicking
-- 
2.43.0