From 2b16a314f1c20c3936cbdd3366b7b0b9357b8f3f Mon Sep 17 00:00:00 2001 From: David Kaufmann Date: Sun, 20 Jan 2019 05:21:06 +0100 Subject: [PATCH] properly create admin users --- camunda-overlay/camunda.py | 125 +++++++++++++++++++++++++++++++++++++ 1 file changed, 125 insertions(+) diff --git a/camunda-overlay/camunda.py b/camunda-overlay/camunda.py index 74eb8a7..ad437a4 100755 --- a/camunda-overlay/camunda.py +++ b/camunda-overlay/camunda.py @@ -38,6 +38,10 @@ def get_users(): res = requests.get(CAMUNDA + "user") return res.json() +def get_groups(): + res = requests.get(CAMUNDA + "group") + return res.json() + def cleanup_users(keep = ["demo"]): for user in get_users(): # keep user "demo" @@ -54,6 +58,125 @@ def cleanup_users(keep = ["demo"]): except: pprint(res.content) +def cleanup_groups(): + for group in get_groups(): + res = requests.delete(CAMUNDA + "group/" + group['id']) + if (res.status_code == 204): + print ("Cleaned up group {}".format(group['id'])) + else: + print ("Error cleaning group {}: Code: {}".format(group['id'], res.status_code)) + try: + pprint(res.json()) + except: + pprint(res.content) + +def get_authorizations(): + res = requests.get(CAMUNDA + "authorization") + return res.json() + +def create_admin_user(): + # create user + params = { + "profile": { + "id": "admin", + "firstName": "Admin", + "lastName": "User", + "email": "aic@dsg.tuwien.ac.at" + }, + "credentials": { + "password": "admin" + } + } + res = requests.post(CAMUNDA + "user/create", json=params) + if (res.status_code == 204): + print ("Created user admin") + else: + print ("Error creating user admin: Code: {}".format(res.status_code)) + try: + pprint(res.json()) + except: + pprint(res.content) + + + # clean all authorizations + for auth in get_authorizations(): + res = requests.delete(CAMUNDA + "authorization/" + auth['id']) + if (res.status_code == 204): + print ("Cleaned up authorization {}".format(auth['id'])) + else: + print ("Error cleaning authorization {}: Code: {}".format(auth['id'], res.status_code)) + try: + pprint(res.json()) + except: + pprint(res.content) + + + # set all permissions for modifying users + params = { + "type": 1, + "permissions": ["ALL"], + "userId": "admin", + "groupId": None, + "resourceType": 1, + "resourceId": "admin" + } + res = requests.post(CAMUNDA + "authorization/create", json=params) + if (res.status_code == 200): + print ("Set users permissions for admin users") + else: + print ("Error setting users permissions for admin user: Code: {}".format(res.status_code)) + try: + pprint(res.json()) + except: + pprint(res.content) + + # create admin group + params = { + "id": "camunda-admin", + "name": "camunda BPM Administrators", + "type": "SYSTEM" + } + res = requests.post(CAMUNDA + "group/create", json=params) + if (res.status_code == 204): + print ("Created user admin") + else: + print ("Error creating group camunda-admin: Code: {}".format(res.status_code)) + try: + pprint(res.json()) + except: + pprint(res.content) + + # add admin user to camunda-admin + res = requests.put(CAMUNDA + "group/camunda-admin/members/admin") + if (res.status_code == 204): + print ("Added admin to camunda-admin") + else: + print ("Error adding user admin to group camunda-admin: Code: {}".format(res.status_code)) + try: + pprint(res.json()) + except: + pprint(res.content) + + # set all permissions for admin group + for resourceType in range(0, 16): + params = { + "type": 1, + "permissions": ["ALL"], + "userId": None, + "groupId": "camunda-admin", + "resourceType": resourceType, + "resourceId": "*" + } + res = requests.post(CAMUNDA + "authorization/create", json=params) + if (res.status_code == 200): + print ("Set group permissions for id {}".format(resourceType)) + else: + print ("Error setting application permissions for admin user: Code: {}".format(res.status_code)) + try: + pprint(res.json()) + except: + pprint(res.content) + def get_filters(): res = requests.get(CAMUNDA + "filter") return res.json() @@ -149,7 +272,9 @@ if __name__ == "__main__": create_deployment(cleanup=args.cleanup) if args.cleanup: cleanup_users() + cleanup_groups() cleanup_filters() + create_admin_user() if args.autoclick >= 1: # start clicking -- 2.43.0